Groups

The Groups tab is used to define the security groups, to specify the users and groups who belong to them, and to specify the security roles to which they are associated. Security groups are a collection of users and/or other security groups that have similar roles in your organization and similar needs for accessing work item data. Without using security groups, every user would need to be individually given permission to access the various modules and views. With groups, you can assign multiple users with similar roles and permission requirements to a single security group, and you can then assign a single security group permission to access a module or a view. Users can be assigned to more than one security group. If a user is assigned to more than one security group, that user has all the permissions associated with all the groups to which they are assigned.

Adding a security group

Several default security groups are included. If these groups aren't the right ones for how your organization wants to work, you can add new ones.

To add a security group

From the application toolbar, click Setup, and then select System Settings.
Select the Security tab.
Select the Groups tab.
Click New.
Under Group Properties, enter a name and a description. Select the Active check box to activate the group.
Under Users and Groups, select a user or a security group from the left pane and move them to the right pane to add them to the security group.
Under Global Administrative Roles, choose the security roles to which the security group will belong.
Click Save.

Assigning a user to a security group

You can assign users and security groups to security groups. Security groups are given permission to access modules and views by assigning the security group to one or more security roles.

To assign a user to a security group

From the application toolbar, click Setup, and then select System Settings.
Select the Security tab.
Select the Groups tab.
Select the name of the security group to which you want to assign a user or group.
Under Users and Groups, select the name of the user or group you want to add move the user or group to the column on the right.
Click Save.

Copying a security group

You can add a security group by copying the properties of an existing security group. When you copy a security group, the users and/or security groups that are assigned to the security group from which the copy is made will also be copied.

To copy a security group

From the application toolbar, click Setup, and then select System Settings.
Select the Security tab.
Select the Groups tab.
Select the security group you want to copy and click Copy.
Under Group Properties, enter a name and a description. Select the Active check box to activate the group.
Under Users and Groups, select a user or a security group from the left pane and move them to the right pane to add them to the security group.
Under Global Administrative Roles, choose the security roles to which the security group will belong.
Click Save.

Deleting a security group

If your organization doesn't need a security group, you can delete it.

To delete a security group

From the application toolbar, click Setup, and then select System Settings.
Select the Security tab.
Select the Groups tab.
Select a group.
Click Delete. Confirm.

Editing a security group

Make your changes and then save them.

To edit a security group

From the application toolbar, click Setup, and then select System Settings.
Select the Security tab.
Click the Groups tab.
Select a group.
Make your changes.
Click Save.

Importing security groups

You can import users from an existing network directory service, such as Active Directory or Novell eDirectory. You must first set up the authentication provider, which determines which users and/or security groups will be imported. You can configure the authentication provider to be run periodically. When the authentication provider is re-run, only new or changed data will be imported. First name, last name, status, and email address are used to determine which users are new and/or have been changed. A user's username, password, domain, and authentication provider will remain unchanged.

To import security groups

From the application toolbar, click Setup, and then select System Settings.
In the Import Users dialog box, select the authentication provider from which you are importing.
The Import Users dialog box displays your authentication provider settings as read-only.
Type the following in the Name and Password boxes: If the authentication provider you selected uses the Application authentication type, type the database user name and password in the corresponding boxes. If the authentication provider you selected uses the Active Directory authentication type, type the domain user name (such as user name), a qualified domain name (such as domain/username), or a full distinguished name (such as cn=username,ou=pretend, dc=domain, dc=com) and password in the corresponding boxes. If the authentication provider you selected uses the Novell eDirectory authentication type, type a full distinguished name and password in the corresponding boxes.
Click Import. When users are imported, their user name and password are lowercase. When the import completes, click OK. If the import returns an error, check the authentication provider to ensure it is configured properly. Also ensure that the user context running the import has sufficient rights on the directory services server. If the user context does not have sufficient rights, the query will return null strings for those parts of the query the user cannot access. Once you have imported the users and groups, you can edit their information on the Users tab and Groups tab in the Security.