Another way to manage your user’s permissions is through Security Groups.
When running our Discovery tool, your Security Groups get copied to itopia Catalog section. You can then import the groups from Catalog to send them to cloud (they will be created in AD).
Best practice is to create Security groups and folder structure with the permissions before moving the data to the folders.
Creating Security groups
There are 2 ways of creating a security group in AD.
- One is running the discovery and importing the groups from catalog. To import security groups from the catalog go to Cloud Desktops - Security groups and hover your mouse over the green + sign in the top right. Click Import from catalog.
2. Create groups manually clicking on the green + sign in the top right:
To delete a group, check the box next to the name and hit the trash icon on the top menu.
Click the number under Users to see who is assigned to the Security Group
Mark the box next to the Group name and select the pencil icon to edit users:
Select users to add them and unselect to remove them from the group.
IMPORTANT: There are some security groups created by the domain automatically. Please don't create security groups with following names since they already exist in AD and could cause a conflict:
Access Control Assistance Operators, Account Operators, Administrators, Backup Operators, Cert Publishers, Distributed COM Users, DnsAdmins, Domain Admins, Domain Computers, Domain Controllers, Domain Guests, Domain Users, Enterprise Admins, Enterprise Read-Only Domain Controllers, Event Log Readers, Group Policy Creators Owners, Guests, Network Configuration Operators, Performance Monitor Users, Print Operators, Protected Users, Remote Desktop Users, Remote Management Users, Replicator Schema Admins, Server Operators, Users
- Find out more on how to manage folder permissions.
- If you provisioned an environment extending your existing AD, learn how to import security groups from your AD here.