Versions Compared

Old Version 4

changes.mady.by.user Dhiraj Kumar

Saved on

compared with

New Version 5

changes.mady.by.user Dhiraj Kumar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

To add account to a group, using the PBAC membership policy, we need to follow the below steps

  1. Add a PBAC attribute to a an account - PBAC field type or an attribute is a connector used to connect an EmpowerID actor like an account to a PBAC membership policy target such as a group.

  2. Create a PBAC membership policy for a group - It is required to create a PBAC membership policy so that we can use it for a target type( e.g., a Group).

  3. Add the same PBAC attribute to the policy - PBAC field type or attribute should be added to a PBAC membership policy, for connecting it to an EmpowerID actor.

  4. Wait for policy compilation and verify the result - Once the policy is compiled the account will be added to the group.

...

  1. On the navbar, expand Identity Administration and select User Accounts.

  2. Search for an account to that you want to add a PBAC field Type.

  3. Click on the account’s logon name link to open the view-one page for the account.

  4. Click on the PBAC attribute assignments on the left menu. After that click on the + icon to add a PBAC attribute. Select the radio button Attribute Only, search for the name of the attribute and select the two check boxes for values of attribute (sales and IT). Click Save.

  5. This will add this attribute to the account.



Create a PBAC membership policy for a group

PBAC Membership policies can be created on the view one page of the roles, groups, and collections that are the target of the policy. In the below example, we demonstrate how to create a policy using the view-one page of a group that is the target of the policy.

  1. On the navbar, expand Identity Administration and select Groups.

  2. Search for a group name.

    Image Added

     

  3. Click on the group logon name hyperlink to open the group’s view-one page.

    Image Added

     

  4. Select the Advanced tab and scroll down to select Attribute-Based Membership Policies.

    Image Added

     

  5. Click on the + icon in the above image to create a new membership policy for this group. The below page will open. Enter the name of the policy, select a policy type. Check the IsEnable check box. Select the minute interval (say 15 min) and click on Save.

    Image Added

  6. This will create the PBAC membership policy and queue it for compilation.

    Image Added

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue

...