How to allow User Application users to modify group membership?

  • 3789878
  • 30-Apr-2007
  • 26-Apr-2012

Environment


Novell Identity Manager 3.0.1
Novell User Application 3.0.1

Situation

How do you allow non-User Application Admin users to be able to modify the members that are in a group?

Resolution

Here are the steps. Note that this is done in iManager as this is an eDirectory rights issue and not a User Application issue:

1) In iManger go to View Objects and navigate to your User's Container and select Modify Trustees
a) Add the Group as a Trustee
b) Select the Assigned Rights next to the group
c) Add the attribute 'Group Membership' with Compare, Read, Write Rights and mark it 'Inherit'
d) Press Done
e) Press Apply
f) Press OK

2) In iManger go to View Objects and navigate to Group you want to modify (the one you used above) and select Modify Trustees
a) Add the Group as a Trustee
b) Select the Assigned Rights next to the group
c) Add the attribute 'Equivalent To Me' with Compare, Read, Write Rights and mark it 'Inherit'
d) Press Done
e) Select the Assigned Rights next to the [ROOT]
f) Made sure that the attribute 'Member' has Compare, Read, Write, and Self Rights are enabled
g) Press Apply
h) Press OK

3) Either restart JBoss or flush the cache