Configuring users and groups for application authorization in IAG

  • Article

Applies To: Intelligent Application Gateway (IAG)

Repositories are databases containing user and group information; a user can be defined as an individual unit or associated with a group. This section describes how you define repositories of users and user groups, which you can then use in order to define authorization for applications published in a Whale Communications Intelligent Application Gateway (IAG) 2007 portal.

A local group is a repository of users that you define once and can reuse when defining authorization for portal applications. A local group can contain users and groups from one or more user or group servers. It can also contain other local groups. You can include or exclude individual users and groups from a local group. You can duplicate local groups by saving a group with a different name.

After defining user or group servers and local groups, you can define authorization settings for portal applications. For instructions, see the section "Configuring application server access and authorization", in Configuring the properties of applications published in an IAG portal.

Creating user/group servers

Define a user/group server as follows:

To define a user/group server:

  1. In the IAG Configuration console, on the Admin menu, click Authentication and User/Group Servers.

  2. In the Authentication and User/Group Servers dialog box, click Add.

  3. Use the Add Server dialog box to define the server. For details regarding each server-type, click Help.

    Tip

    For a description of the types of authentication and user/group servers you can use with IAG, see Configuring authentication and authorization servers in IAG.

  4. Repeat steps 2 through 3 to define all the required servers. You can now use the servers to define local groups.

Creating local groups

Create a local group as follows:

To create a local group

  1. In the IAG Configuration console, click Local Groups on the Admin menu.

  2. In the Local Groups dialog box, click Add.

  3. In the Name Local Group dialog box, specify a name for the group.

  4. In the Add Local Group [group_name] dialog box, click Add.

  5. In the Select Users or Group dialog box, click Look in, and select the server on which the users or groups are defined.

  6. In the Repository Users and Groups list, select the user or group.

Note

Click the search icon to search for users and groups.

  1. Click the view icon to specify the users and groups that should be displayed. You can select to show a combination of users, groups, and subfolders. You can click the search icon to search for specific users and groups, in accordance with the view setting you have specified. By default, users, groups, and subfolders are displayed.

    Note

    For Active Directory Domain Services and LDAP servers, the Repository Users and Groups list groups first and then users. If you have chosen to display subfolders, then these are listed too. The path of the selected folder is shown above the Users/Groups list.

  2. Click Add to add the selected user or group as a local group.

    Note

    You can also define users and groups on the Authorization tab of the application properties for applications published in a portal. Select users and groups in the Authorization tab, and then click Save as Local Group to save your selection.

Editing local groups

Edit a local group as follows:

To edit the definitions of an existing local group

  1. In the IAG console, click Local Groups on the Admin menu.

  2. In the Local Groups dialog box, select the group you want to modify.

  3. To delete a local group, select the required entry, and then click Remove.

  4. To modify a local group, select the required entry, and then click Edit.

  5. In the Edit Local Group [group_name] dialog box, click the entry for the group you want to modify. The name of the local group is displayed in the left pane. If this group contains other local groups, these are also displayed. The right pane lists all the users and groups that are part of the local group, and it indicates whether a user or group is included or excluded from the local group. To change include or exclude settings, double-click the entry in the Include/Exclude column in order to toggle the status of the user or group.

Duplicating local groups

Duplicate a local group as follows:

To duplicate a local group

  1. In the IAG console, click Local Groups on the Admin menu.

  2. In the Local Groups dialog box, select an entry, and click Save As.