Before you can effectively use Authorization Manager to control access to resources, you must define groups of users. To define an application group, use the following procedure.
You must be assigned to the Authorization Manager Administrator user role to complete this procedure. By default, Administrators is the minimum Windows group membership assigned to this role. Review the details in "Additional considerations" in this topic.
|To create a group within an authorization store|
If necessary, open Authorization Manager.
In the console tree, right-click Groups, and then click New Application Group.
In the New Application Group dialog box, in Name, type a name for the group.
In Description, type a description for the group.
In Group type, click Basic Application Group, LDAP Query Application Group, or Business Rule Application Group. (For more information about the types of groups you can create, see "Additional references" in this topic.)
- To perform this procedure, you need to have
access to an authorization store. By default, members of the
Administrators group have the required access, but
Authorization Manager allows you to delegate responsibility.