4.6 Groups

MyID lets you organize people into groups. These form a hierarchy, with each person belonging exclusively to a single group. This structure normally represents the reporting structure within your organization, since it forms the basis for defining the security scope of each person.

The way you manage groups differs depending on whether or not you are integrating with an LDAP directory.

If you are integrating with an LDAP directory, your group structure may be based on the Organizational Units (OUs) within the directory. Alternatively, you may base your groups on the reporting structure of your organization or on geographical location.

The changes that you can make to your group structure are limited by the amount of integration with an LDAP directory you are implementing (see section 5, Using an LDAP directory).

Groups are frequently associated with a particular OU (Organizational Unit) in your LDAP directory. This is especially important if you have a Certificate Authority using data from the same directory (for example, to support Windows smart card logon). MyID allows you to record such relationships and provides import and export options to help maintain consistency between the database and the LDAP directory.

If you are integrating with a directory, use the Edit Groups option to import groups from your directory. See the Editing groups section in the Operator's Guide for details.