This page last changed on Jun 12, 2007 by rosie@atlassian.com.
Groups and roles are known as permission container objects.

Groups are particularly important in Crowd, as they are often used to control access to applications. Note also that the crowd-administrators group confers Crowd administration rights to its members.

Roles are used less frequently, depending on the requirements of individual applications.


To add a group or role,

  1. Login to the Crowd Administration Console.
  2. Click the 'Groups' link (or the 'Roles' link) in the top navigation bar.
  3. This will display the Group Browser (or Role Browser). Click the 'Add Group' link (or the 'Add Role' link).
  4. Complete the fields as described in the table below, then click the 'Create' button.
    You can now add principals (users) to the new group or role.


Field Description
Name The unique name of the group or role. Within a given directory, the Name must be unique. Note that the Name cannot be changed once the group or role is created.
Description A short description of the group or role.
Directory The directory to which the group or role will be added. Note that the group or role cannot be moved to a different directory after it is created.
Active Only deselect this if you wish to deny access to all members of the group or role.



Screenshot 1: 'Group Browser'




Screenshot 2: 'Add Group'


Groups (not roles) can also be added via Crowd's migration tools — see 2.4 Importing Principals and Groups into a Directory.

See Also

3.4 Specifying which Groups can access an Application

Related Topics  

Crowd Documentation  


Document generated by Confluence on Jun 20, 2007 20:58