If you have Windows servers with local users and groups, you can add those servers to EmpowerID as managed account stores. This allows you to inventory local users and groups and manage those objects from EmpowerID, providing you with automated role-based access control, delegated permissions administration, provisioning policy capabilities with a full audit trail of any actions involving those objects. This article demonstrates how to manage local Windows groups in EmpowerID.
To manage local Windows groups
- From the Navigation Sidebar of the EmpowerID Web interface, expand Resources and click Computers.
- From the Computer page, click the Local Groups tab and then click the Advanced Search drop-down button shown below to open advanced search options. This allows you to limit the local groups appearing in the grid to those on a specific local Windows server that are managing.
- Type the name of your local Windows server in the Computer field and press ENTER. You should see all groups on the server appear in the grid.
- Type the logon name for the local group you want to manage and then press ENTER.
This filters the computers shown in the grid.
- From the grid, click the Logon Name link for the group.
This directs you to the View One page for the local group. View one pages allow you to view and edit the objects to which they are linked.
Expand the Group Members accordion. You should see all user accounts who are members of the group.
If the computer is a local Windows computer that also belongs to an inventoried domain, you can have both local and domain user accounts in any of the local groups.
- You can add and remove members from the group as needed. To add a member, you type the name of a user account in the Enter Name to Add field and click the tile for that user account to select it.
- You can remove existing members by ticking the box to the left of the user account you want to remove.
- To submit your changes, click the Submit button.