Managing Groups
You can create, edit, and delete groups in the native security domain.
You can assign roles, permissions, and privileges to a group in the native or an LDAP security domain. You cannot delete or modify the properties of group accounts in the LDAP security domains. The roles, permissions, and privileges assigned to the group determines the tasks that users in the group can perform within the Informatica domain.
Adding a Native Group
Add, edit, or remove native groups on the Security tab.
A native group can contain native or LDAP user accounts or other native groups. You can create multiple levels of native groups. For example, the Finance group contains the AccountsPayable group which contains the OfficeSupplies group. The Finance group is the parent group of the AccountsPayable group and the AccountsPayable group is the parent group of the OfficeSupplies group. Each group can contain other native groups.
1. In the Administrator tool, click the Security tab.
2. On the Security Actions menu, click Create Group.
3. Enter the following information for the group:
Property | Description |
|---|
Name | Name of the group. The name is not case sensitive and cannot exceed 128 characters. It cannot include a tab, newline character, or the following special characters: , + " \ < > ; / * % ? The name can include an ASCII space character except for the first and last character. All other space characters are not allowed. |
Parent Group | Group to which the new group belongs. If you select a native group before you click Create Group, the selected group is the parent group. Otherwise, Parent Group field displays Native indicating that the new group does not belong to a group. |
Description | Description of the group. The group description cannot exceed 765 characters or include the following special characters: < > “ |
4. Click Browse to select a different parent group.
You can create more than one level of groups and subgroups.
5. Click OK to save the group.
Editing Properties of a Native Group
After you create a group, you can change the description of the group and the list of users in the group. You cannot change the name of the group or the parent of the group. To change the parent of the group, you must move the group to another group.
1. In the Administrator tool, click the Security tab.
2. In the Groups section of the Navigator, select a native group and click Edit.
3. Change the description of the group.
4. To change the list of users in the group, click the Users tab.
The Users tab displays the list of users in the domain and the list of users assigned to the group.
5. To assign users to the group, select a user account in the All Users column and click Add.
6. To remove a user from a group, select a user account in the Assigned Users column and click Remove.
7. Click OK to save the changes.
Moving a Native Group to Another Native Group
To organize the groups of users in the native security domain, you can set up nested groups and move a group to another group.
To move a native group to another native group, right-click the name of a native group in the Groups section of the Navigator and select Move Group.
Deleting a Native Group
To delete a native group, right-click the group name in the Groups section of the Navigator and select Delete Group.
When you delete a group, the users in the group lose their membership in the group and all permissions or privileges inherited from group.
When you delete a group, the Service Manager deletes all groups and subgroups that belong to the group.
LDAP Groups
You cannot add, edit, or delete LDAP groups or modify user assignments to LDAP groups in the Administrator tool. You must manage groups and user assignments in the LDAP directory service.