Versions Compared

Old Version 4

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To onboard a group, follow these steps:

  1. Access the Portal: Log in to the Resource Admin app in portal for your environment.

  2. Navigate to Group Workflows: In Resource Admin, select Groups from the Resource Type menu and then select the Workflows tab.

  3. Launch the Onboard Group Workflow: Click Onboard Group to start the workflow.

    This opens the Onboard Group wizard workflow. Follow the wizard and fill in the fields of each section with the appropriate information for your group. Please note that the sections and fields available may vary depending on the configuration of the workflow parameters.

  4. Select a Tenant or Directory: Choose the tenant or directory location for the new group. For on-premise directories like Active Directory, additionally select the appropriate Organizational Unit (OU).

  5. Submit and Proceed: Click Submit to move to the Group Information section.

  6. Fill in General Group Information: Provide details in the following fields:

    • Group Purpose Text: Enter a name for the group.

    • Group Purpose Additional Text: Enter a display name for the group.

    • Group Usage Type: Indicate the intended usage category for the group.

    • Group Description: Optionally, give a brief description of the group.

      image-20240115-193434.png


  7. Configure Membership Options:

    • Decide if you want to add permanent members to the group.

    • Choose whether to apply RBAC membership policies to the group.

  8. Click Next to proceed to Additional Group Details and enter additional information about the group, including:

    • Group Type: Select the appropriate type for the group.

    • Is Mail Enabled: If applicable, enable this feature and specify email settings, such as requiring authenticated senders and setting the email domain. Please note mail settings only appear when onboarding groups in directories that support email usage.

    • Notes: Add any relevant notes about the group.

  9. Click Next to proceed to Owner Information and enter the following information:

    • Responsible Party: Search for and select the user responsible for managing and maintaining the group.

    • Owners: Search for and select one or more users to be group owners.

    • Deputies: Search for and select one or more users to be group deputies.

  10. Click Next to proceed to IAM Shop Settings and do the following:

    • Decide if the group should be available for request in the IAM Shop.

    • If yes, select an Access Request Policy and define the following assignee types:

      • Eligible Assignees: Choose the type (Person, Group, SetGroup, Management Role, Business Role and Location), then search for and select the specific assignees eligible to request access to the group in the IAM Shop.

      • Preapproved Assignees: Choose the type (Person, Group, SetGroup, Management Role, Business Role and Location), then search for and select the specific assignees who are pre-approved for the group.

      • Suggested Assignees: Choose the type (Person, Group, SetGroup, Management Role, Business Role and Location), then search for and select the specific assignees suggested for the group.

    • Optionally, enter any Additional IAM Shop Settings information.

  11. Click Next to proceed.

  12. If you opted to add group members earlier, search for and select one or more accounts to add as group members and then click Next to proceed.

  13. If you opted to add RBAC Membership policies earlier, do the following:

    • Select the type of RBAC Membership policy type: Choose the type of RBAC Membership policy to apply. Available types include:

      • Person

      • Group

      • Set Group

      • Management Role

      • Management Role Definition

      • Business Role and Location

    • Search for and select the Assignee: Based on the selected policy type, search for and select the specific assignee. For example, if you selected "Management Role," search for and choose the appropriate Management Role.

    • Add Additional Assignees: Repeat the above steps to add additional assignee types as needed.

    • Preview RBAC Membership Resultant People (Optional): Click Preview RBAC Membership Resultant People to see the number of individuals who will be added to the group based on the policy. Review the resultant count, then click Next to view the detailed list of people.

  14. If you opted to Preview RBAC Membership Resultant People:

    • Review the resultant count.

    • Click Next to review the detailed list of people.

  15. Review and Submit:

    • Review the Summary Information: Ensure all information is correct.

    • Click Submit: Finalize the group onboarding.

  16. Complete the Wizard:

    • Review the Operation Execution Summary and click Submit to finalize the process.

    • Click Submit again to exit the wizard.

...