7.2 Manually Creating User Groups

Rather than assign roles to individual users, you can create user groups and assign roles to the user groups. Users (and other user groups) that are added to a group inherit the group’s roles.

User group roles are cumulative. If you add a user to a group, the user retains its directly assigned roles and also gains the roles inherited from the group.

  1. On the main navigation bar, click Getting Started, then click Create Users and Groups (in the Set Up Your Cloud Environment list).

    or

    On the main navigation bar, click Organizations.

  2. Click the User Groups tab, then click Create to display the Create User Group dialog box.

  3. Provide the following details to define the user group:

    Full Name: Specify the group’s full name as you want it to appear in NetIQ Cloud Manager.

    E-Mail Address: This field is optional. If you enter an e-mail address, any messages generated for the group’s roles are sent to the e-mail address. If you don’t enter an e-mail address, the messages are sent to the group members’ addresses.

  4. Select the group’s scope:

    Organization: An organization scope enables the group to be assigned roles within a specific organization. The roles are Approver, Build Administrator, Business Group Viewer, Business Service Owner, Organization Manager, and Sponsor.

    To give the group an organization scope, select Organization, then select the organization in which to place the group.

    System: A system scope enables the group to be assigned roles for the Cloud Manager system. The roles are Approver, Build Administrator, Catalog Manager, Cloud Administrator, and Zone Administrator. In addition, a System group can be given any of the organization roles.

  5. (System user groups only) Assign system-level roles to the group.

    The system-level roles are Approver, Build Administrator, Catalog Manager, Cloud Administrator, and Zone Administrator. These roles can be assigned only to System user groups.

    1. To assign the Approver, Build Administrator, Catalog Manager, or Cloud Administrator role, click the System tab, click Add, select the desired roles, then click OK.

    2. To assign the Zone Administrator role, click the Zone tab, click Add, select the desired zone, then click OK.

  6. Assign organization-level roles to the group.

    The organization-level roles are Approver, Build Administrator, Business Group Viewer, Business Service Owner, Organization Manager, and Sponsor. The Approver and Build Administrator roles can be assigned only to System user groups. The other roles can be assigned to both System and Organization user groups.

    Several of the roles can be assigned at the organization, business group, or business service level. For example, you can make a user group a Sponsor for a business group, in which case the group members can approve requests for business services from that business group only. Or, you can make the user group a Sponsor for the organization, in which case the group members can approve requests for all business services in the organization.

    1. Click the Organization tab to add a role at the organization level, click the Business Group tab to add a role at the business group level, or click the Business Service tab to add a role at the business service level.

    2. Click the role that you want to assign.

      For example, if you selected the Business Group tab and you want to enable the user group to create business services for the business group, click Business Service Owner.

    3. Click Add, select the object (organization, business group, or business service) to which you want the role to apply, then click OK to add it to the list.

  7. Add members to the group:

    1. Click the Membership tab.

    2. Click Members, then click Add to display the Add Members dialog box.

    3. Select the users and user groups you want to add to the group.

      You can Shift-click and Ctrl-click to select multiple users and groups.

    4. Click OK to add the users and user groups to the Members list.

  8. When you have finished assigning roles and adding members, click Save.

For more information about user groups and roles, see Section III, User Management.