📄️ About the View One Group Page
Each resource object that EmpowerID protects has a View One page associated with it. For groups, this page is the “View One Person Page.” This page contains tabs and accordions that provide information about a specific group and gives administrators and other delegated users the ability to manage that group in EmpowerID. The below image shows what a typical View One Group Page looks like to a user with admin access to the group.
📄️ Adding Groups to Groups
In EmpowerID, you can add one or more groups as members of another group, allowing their members to inherit any entitlements or delegations assigned to the parent group. This simplifies access management by ensuring that permissions are applied consistently across related groups. For example, if a group has a policy that grants members a home folder, adding another group without such a policy will extend that entitlement to all members of the added group.
📄️ Removing Groups from Groups
In EmpowerID, you can remove groups that are members of other groups when membership criteria change. When a group is removed, any entitlements or delegations it inherited through the parent group’s policies are processed according to those policies. This ensures that access is managed dynamically and in compliance with organizational rules.
📄️ Role-Based Group Memberships
EmpowerID allows you to dynamically assign users to groups using role-based delegations. Assignees can be any EmpowerID Actor type, such as Business Role and Location combinations, Management Roles, Query-Based Collections and other groups. This article demonstrates this by creating a dynamic group membership for anyone assigned to a specific Business Role and Location. In this way, any person who belongs to the Business Role and Location is automatically added to the group as a member.