Within any given directory, you can choose the groups to which each user belongs. Note that a user's group membership is particularly important, as groups are often used to control access to applications.

グループ

The Crowd Administration Console provides two ways of adding users to or removing users from a group:

  • The group management screen for a specific group — Here you can add many users at once to the selected group.
  • The user management screen for a specific user — Here you can add the selected user to one or more groups at a time.

Full instructions are in Adding Users to a Group and Removing Users from a Group.

ロール

Support for roles, previously deprecatedhas been removed in Crowd 2.5. The implementation of roles in Crowd was identical to the implementation of groups and did not provide any extra functionality.

Multiple Directories

When Crowd determines a person's access to an application based on their membership of a group, what happens if the same username exists in more than one directory? Crowd will look for group membership only in the first directory where the username appears, based on the order of directories mapped to the application. See Specifying the Directory Order for an Application.

例:

  • Two directories are mapped to Application A: The Customers directory and the Partners directory.
  • The Customers directory is mapped first in the 'Directory Order' for Application A.
  • ユーザー名 jsmith は Customers ディレクトリと Partners ディレクトリの両方に存在します。
  • ユーザー jsmith は、Customers ディレクトリの G1 グループと Partners ディレクトリの G2 グループのメンバーです。
  • Crowd will grant the user access to Application A based on membership of G1. For purposes of granting access to this application, Crowd will not consider jsmith a member of group G2.

関連トピック

Crowd Documentation