Grouper Users - Open Discussion List

[Burkhard Wald <>]

Hallo Eileen,

for our department we had setup three subfolders within grouper.
1) "staff" : here we have groups which represent the structure of our organisation. (ou-structure)
2) "systems". here we have groups which represent the right to access to some IT-system (for instance a web application)
3) "working groups": for instance project groups
Often the groups of the staff folder are the members of the groups in the systems folder. New colleagues must only placed in
some staff group. Automaticly they become access to different IT-systems over their indirect memberships
in the systems groups.

In the systems folder we have two special groups
a) "department grouper workers": granting the right to login into grouper. For instance people who are admistrator of at least one group.
b) "department groups administrators": granting admin privilege for most of our department groups

"department groups administrators" is a menber (hence a subgroup) of "department grouper workers".
"department grouper workers" has the read privilege to all of our department groups.

Burkhard

Am 22.04.2010 18:53, schrieb Eileen Roach:

Anyone care to share their governance model for managing groups?  Or refer me to another more appropriate list for this type of question?

Thanks in advance,
Eileen

-- 

Eileen Roach
Programmer/Analyst - ITS Identity Management

(805) 756-6214