You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

COmanage Groups (CO Groups) are defined at the CO level, and CO Group Memberships attach to the CO Person. CO Groups are fairly basic, for more sophisticated needs COmanage can be connected to Grouper using the Grouper Provisioning Plugin.

CO Group Attributes

Open vs Closed

An open group is one that allows anyone to join. Participants can self-join, no administrator action is required. Memberships in a closed group can only be set by the group owner.

In addition, CO Administrators can manage any CO Group within their CO.

CO Group Membership Attributes

Member vs Owner

A group member is simply a participant in the group. A group owner has permission to add and remove members to and from the group, including closed groups. A CO Person can be a member, and owner, both, or neither.

The CO Person who creates a CO Group is automatically set as both a member and owner of the new group.

Special CO Groups

Admin Groups

Admin Groups are used to determine Registry Administrators.

  • The admin group determines CO Administrators.
  • Groups of the form admin:couname determine COU Administrators.

Admin Groups are automatically created when a CO or COU is created. The Platform Administrator typically sets the initial CO Administrator, and then the CO Administrators

Members Groups

Members Groups are automatically updated with all members of the CO or COU.

  • The members group holds all CO People within the CO.
  • Groups of the form members:couname hold all CO People with a role in the specified COU.

Members Groups are automatically created and updated.

As of v1.1.0, the CO Members Group and COU Members Groups only hold CO People with an Active or Grace Period role in the specified COU.

CO Group Memberships and Enrollment

CO Group Memberships can be added as part of an Enrollment Flow by adding an attribute of the appropriate type. For more details, see Registry Enrollment Flow Configuration.

CO Group Memberships can also be added via Organizational Identity Sources.

See Also

  • No labels