Groups and roles are known as permission container objects. Groups are particularly important in Crowd, as they are often used to control access to applications. Note also that the crowd-administrators group confers Crowd administration rights to its members.
Roles are used less frequently, depending on the requirements of individual applications.
To add a group or role,
- Log in to the Crowd Administration Console.
- Click the 'Groups' or 'Roles' link in the top navigation bar.
- This will display the Group Browser (or Role Browser). Click 'Add Group' or 'Add Role' in the left-hand menu.
- Complete the fields as described in the table below, then click the 'Create' button.
You can now add users to the new group or role.
| Field |
Description |
| Name |
The unique name of the group or role. Within a given directory, the Name must be unique. Note that the Name cannot be changed once the group or role is created. |
| Description |
A short description of the group or role. |
| Directory |
The directory to which the group or role will be added. Note that the group or role cannot be moved to a different directory after it is created. |
| Active |
Only deselect this if you wish to deny access to all members of the group or role. |
Screenshot 1: 'Group Browser'
Screenshot 2: 'Add Group'
See Also
3.4 Specifying which Groups can access an Application
Related Topics
Crowd Documentation
