Identity and Access Management
Creating a policy group (run template)
Last modified 1/5/2024
Using the "run template" function of a folder to create a policy group.
- Navigate to empty target folder
- Expand “Folder Actions” menu on right
- Select “Create folder”
- Fill out form to name folder and click "save"
- When in the new folder select “Folder actions” and “Run Template” (do not do this in your directory provisioning folders as this will generate multiple groups that should not be populated in the directory)
- Select the type of template type
Policy group creates a composite that with “allow” and “deny” groups to manage final group and is the type most users will need
Application is for Grouper internal security management
Grouper Deployment Guide structure is not generally used by the average user - After selecting “policy group” you will create a “key” (name) for the root of the group then click “next”
- Grouper will ask if you want to create “allow” and “deny” ad hoc groups (if you select to create them now you can always delete them later, creating them later is more difficult)
- Click “Next”
- Group structure that is created:
- To have the policy group populated with the final desired group add groups to the “allow” group (if using ad hoc add users to the “allow_manual” group) and the groups you want deny access add to the “deny” (if using ad hoc add users to the “deny_manual” group).
- You can then use the “policy” group to populate a group that is getting passed to the directories or as a factor in another group if desired.
Still Need Assistance?
Please submit a ticket to the Technology Support Center (supportcenter@ilstu.edu) requesting it be directed to the Office of Identity and Access Management