Identity Management

General Information

Delegate Member Management for a Manual Group

Introduction

Follow this procedure if you to delegate the management of your group to a third party.

Connect to Admin Server

Connect to the appropriate Admin server via RDP (Remote Desktop).

  • Server:  p-admin-ad-2.ad.calpoly.edu
    • For DEV, use: d-its-admin-01.ad-dev.calpoly.edu
    • For TST, use: t-its-admin01.ad-tst.calpoly.edu
    • For PRD, use p-admin-ad-2.ad.calpoly.edu
  • Select "Use another account"
  • Enter your username, including the CALPOLY\ prefix: CALPOLY\jmustang
  • Enter your password and click OK.

Launch Active Directory Administrative Center

Once connected to the Admin server, you must start the Active Directory Administrative Center application.

Windows users: Be sure you are in full screen on your primary monitor, otherwise the Windows Logo Key  will not be sent to the remote desktop.

  • Press the Windows Logo Key  , or, for Mac users, the Command key. This will open the Start pane of Windows.
  • Start typing "active"
  • Find and click on the Active Directory Administrative Center application.

Once the Active Directory Administrative Center is running, you can "Pin" it to the task bar. Next time, you can just click on this task bar icon.

Navigate to your delegated Groups OU

  • Switch to Tree View in the navigation pane.
  • Navigate to the Groups/Manual OU.
  • Navigate to the delegated Groups OU with the information given to you by the Identity Management or Portal team.
    • Portal groups are under /Manual/IS/Portal/uPortal (these groups generally grant access for users to Portlets)
    • Workflow groups are under /Manual/IS/Portal/Workflow (these groups generally grant access for users to Workflows)
       

Open an Existing Group

Follow this procedure only if you wish to open an existing group to see its properties and members.

  • Select the Group and click Properties in the Tasks pane on the right.

Delegate Member Management for a Group

  • Create another group that will have the managers as members, e.g. IS-IDM Water Club Managers, and populate its members.  See Enterprise Groups: View, Create, or Delete Manual Groups for how to create a group.  See Enterprise Groups: Managing Manual Group Memberships for how to manage memberships.
  • Select the Managed By section.
  • Click the Edit... button in the Managed By section.

  • Enter the name of the Managers group (e.g. IS-IDM Water Club Managers), click Check Names then click OK.

     

  • Check the box "Manager can update membership list".

    Without checking the box "Manager can update membership list", the managed by information is only informational and they will not have any additional permissions on the group.

  • Click OK

Disconnect from Admin Server

When you have completed your work you can disconnect from the Admin Server.

  • Press the keyboard combination <Ctrl> <Esc> at the same time to get to the Start pane.
  • In the upper right corner, click on your name and then click on Sign out.

Related Content