Versions Compared

Version Old Version 8 New Version 9
Changes made by

Geoff Nelson

Geoff Nelson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Austin Active Directory Department Group Tools are used to manage a Department's groups using a convenient and easy to use web interface.  They allow for group management in scenarios where the native Active Directory tools are not installed or where that can not they cannot even be installed such as on a computer running a non-Windows OS.There are three roles within the tool: Department OU Owner, Account Assignee, and Account Claimant.


Roles

The following roles are defined in the Department Group Tools:

RolesGroup ScopeAvailable ActionsHow Someone Falls into Scope of the Role

Status
subtletrue
colourBlue
titleOU Owner

Groups native to the Department Group Tools

Add Department Group Administrator

Remove Department Group Administrator

When a Department OU is created, the requestor provides a list of the initial OU Owners.

Department OU Owners can edit (add/remove) owners of the Department OU.

If a Department falls in the scenario where there are no valid OU Owners (for example, all of the owners are former staff), the owners can be updated by one of the following processes:

  • The Head of the Department submits a request to the AD team, specifying the EIDs of the new OU Owners.
  • IT staff member from the department contacts the ISO who will review it and then submit a request to the AD team, specifying the EIDs of the new OU Owners.

Status
subtletrue
colourGreen
titleGroup Administrator

Create Group

Delete Group

Rename Group

Update Group Description

Set Group Managers

Department OU Owners manage the Group Admins.

Status
subtletrue
colourYellow
titleGroup Manager

Add a Group Member

Remove a Group Member


Status
subtletrue
titleManaged ByGroup Manager

Groups existing within a Department OUManage the memberships of the group (add/remove members)

Add a Group Member

Remove a Group Member

You (or a group you are a member of) is set on the ManagedBy of a group.

...

All groups created by the Department Group Tools are stored in the Department's sub-OU located in austin.utexas.edu/Groups/Managed


Add Department Group Administrator

Status
subtletrue
colourBlue
titleOU Owner


Remove Department Group Administrator

Status
subtletrue
colourBlue
titleOU Owner


Create Group

Status
subtletrue
colourGreen
titleGroup Administrator


Delete Group

Status
subtletrue
colourGreen
titleGroup Administrator


Rename Group

Status
subtletrue
colourGreen
titleGroup Administrator


Update Group Description

Status
subtletrue
colourGreen
titleGroup Administrator


Set Group Managers

Status
subtletrue
colourGreen
titleGroup Administrator


Add a Group Member

Status
subtletrue
colourYellow
titleGroup Manager


Remove a Group Member

Status
subtletrue
colourYellow
titleGroup Manager


Add a Group Member

Status
subtletrue
titleGroup Manager


Remove a Group Member

Status
subtletrue
titleGroup Manager

Logging

All actions taken in the Department Group Tools is logged and sent to Splunk.

...