This page last changed on Jul 29, 2009 by smaddox.

Within any given directory, you can choose the groups and roles to which each user belongs. Note that a user's group membership is particularly important, as groups are often used to control access to applications.

Groups

The Crowd Administration Console provides two ways of adding users to or removing users from a group:

  • The group management screen for a specific group — Here you can add many users at once to the selected group.
  • The user management screen for a specific user — Here you can add the selected user to one or more groups at a time.

Full instructions are in Adding Users to a Group and Removing Users from a Group.

Roles

Crowd's role-based access control could be enhanced
At present, the implementation of roles in Crowd is identical to the implementation of groups. Additional development work would be needed to differentiate the functionality of roles from groups. If you would like to help us to design better role-based access control, please add a comment to the improvement request CWD-931, letting us know how you would like to see it work.

To add a user to a role,

  1. Log in to the Crowd Administration Console.
  2. Click the 'Users' link in the top navigation bar.
  3. This will display the User Browser. Select the relevant directory, locate the user you wish to add, and click the link on the user's name.
  4. This will display the 'User Details' screen. Click the 'Roles' tab.
  5. A list of the user's current roles (if any) will be displayed, as shown on the screenshot below. Select the relevant role from the drop-down box below the list, then click the 'Add' button.

Screenshot: Managing a user's roles



Multiple Directories

If the same username exists in more than one directory assigned to an application, Crowd treats these usernames as the same user. Crowd searches all the assigned directories for the user, and amalgamates the group and role memberships.

For example, let's assume you have a user 'jsmith' who exists in both directories 'Customers' and 'Partners', and is a member of group 'G1' in 'Customers' and 'G2' in 'Partners'. Crowd will grant access to the user based on membership of both 'G1' and 'G2'.

RELATED TOPICS

Crowd Documentation


console-principalgroups.jpg (image/jpeg)
View User Groups.png (image/png)
UserRoles.png (image/png)
UserRoles.png (image/png)
View User Groups.png (image/png)
Document generated by Confluence on Jul 30, 2009 01:29