Creating Groups

  1. If you are not an Administrator, be sure you meet the Creating Groups.

  2. Click System > Security.

  3. Click Groups then Create Group.

  4. Enter an intuitive name and description.

  5. In Group Membership specify the users or child groups to add to the group you are defining, or select a parent group to which to add your new group. Perform any task:

  • To include users and groups in the new group, click Add User | Add Child Group and selecting the user or group. Members can access the artifacts and tools for each system security role to which the group is assigned.

  • To revoke group membership, select users and groups and click Remove.This revokes their access to the tools and artifacts group membership provides based on role assignments.

  • To nest the group in a parent group, click Add Groups in Parent Groups That Contain This Group and select a higher level group. Members in this parent group inherit it's access and permissions based on role assignments.

  1. Click Save.

Creating Exclusion Groups

Define an exclusion group to grant almost everyone - except a particular group or a small number of users - group access to a tool or artifact.

  1. Click System > Administration > Security.

  2. Click Groups then Create Exclusion Group.

  3. Enter an intuitive name and description that indicates who is being restricted by this group. For example, to omit a department, consider Everyone-But-<Department name>.

  4. In Group Membership click Add Child Groups or Add Users to specify who to include in the group.

  5. To prevent members accessing artifacts to which the group has role-based access, set particular users or groups to Deny Access. Otherwise, set members to Allow Access.

  6. Use the arrows to order the exclusions carefully, because access is granted - regardless of a user's membership in a group, based on the order you specify.

    For example, if Amelia and Bob are in the Frankfurt Controller group, the order below does not restrict them from artifacts, even though they are listed first, because they are in the Frankfurt Controller group.
    ""

    To ensure Amelia and Bob can not access artifacts, put Frankfurt Controller first, set to Allow Access. Put Amelia and Bob below the group, set to Deny Access.

  7. Click Save.