When creating your initial provisioning and authentication policies, one of the fields you can specify is what group the policy shall be associated with. A group is a set of users that have been placed into a custom category set by you. A group can be anything- those who have 2FA enabled, those who are employed under your company’s marketing team, etc.
Synced vs Local Groups
When creating a group, you have two sources in which they can be derived from: Active Directory or Local. If you have Directory Sync enabled (See Users: Directory Sync) groups can be automatically synced from an active directory. It is important to keep in mind though that groups have one-way synchronization and cannot be edited directly from Passly.
Local groups are created and managed through Passly. They will not be synced to an established directory, however you can add users from a directory to be saved in a group locally.
To add a group, click the “+” button on the “All groups” page. A menu will appear on the right-hand side of the screen directing you to name your group. Once you have entered a name, click “Add Group”. To exit the screen without creating a group, select “Cancel”.
Once a group is added, it will appear on the main “All Groups” page. Click the name of the group or the three dots on the right-side of the screen to edit the group.
Adding Users to Groups
Once you have selected the group you wish to edit, the next step is to manually add members. The “+” icon gives you two options- add users individually or add established groups.
- Add Users to Group: You can select as many users as you want by clicking the checkmark box next to users’ names, as well as filter by title or simply use select all. Once you are satisfied by your selection, click “Add Users”.
- Add Groups to Group: This option allows you to nest established groups within a new group. By clicking this option, a menu will appear directing you to select groups from those available. Select the groups you want to add and then click Add Groups.
You can also add a User to a group by going to Directory Manager > Users > (User Name) > Memberships and add a user to a group using the “Add Group” button. This will allow you to add a user to multiple groups at the same time.
Removing Users From Groups
Your added users will be displayed in a box with a person icon, accompanied by the number of users added to your group.To remove a group member, click the pencil icon. You may select as many users you want to remove using the checkbox next to their name, or under “select all”. Once you have selected the users you wish to remove, click “Remove Selected”.