Applies To:
GroupID 8, 9, 10 - Self-Service
Business Requirement:
We want to allow a role in GroupID to be able to create only the group and contact object types through the Self-Service portal. Can this be done?
Solution:
Using the GroupID Self-Service portal, users can create the following object types:
- Smart Group (Security and Distribution)
- Static Group (Security and Distribution)
- User, Mailbox, and Contact
To grant or deny the permission for creating specific objects, follow the steps below.
Steps:
- In GroupID Management Console, click the Identity Stores node.
- On the Identity Stores tab, double-click the required identity store to open its properties.
- Click the Security Roles tab.
- Select a role to allow or deny permissions to, and click Edit.
- On the Role Properties page, click the Permissions tab.
The 'Create' permissions for the Self-Service portal are highlighted below: -
Select the Allow option button for a permission to assign it to the role.
Select the Deny option button for a permission to deny it to the role. - Click OK to save the changes.
Let's assume you allow the role to create groups and contacts using the portal. This is how the result will look like:
We can also enforce granular configurations, like, allow users to create only security groups or distribution lists using the portal. Or we can limit users to create contacts in a specific OU. We can also define a workflow that is triggered on create or modify events. This article does not cover these topics.
Reference:
GroupID Online Help topic: Managing roles