Administration Guide : Xinet Groups : Creating and editing groups

Creating and editing groups
On servers with Active Directory
After your server has been bound to Active Directory, groups and their memberships cannot be created, deleted, or edited through the xinet ADMINISTRATION view. (Step 5., however, describes an exception for some systems.) After binding, Xinet, instead, will register groups created on the Active Directory server and display those in its GUI. Sometimes, however, the Active Directory server defines groups that are irrelevant to your use of Xinet, with these extra groups slowing down administrative tasks. To “filter out” those groups and their users from the various Xinet pages where they would otherwise appear, (Users, Styles, Plug-ins, Permissions tabs, etc.), follow these steps:
1.
Engage the Use Group List option which appears at the top of the Xinet Volumes/Users, Groups, Groups page when Active Directory is in use.
2.
Use the Groups pop-up list(s) to select a group, and click the Add button to add the selected group to your Xinet Group List. (You could also edit the /usr/etc/webnative/system.userlist or C:\Program Files\Xinet\WebNative\Bin\system.userlist file by hand to achieve the same thing.)
3.
[optional] Use the Remove buttons if you’d like to filter out Active Directory groups from use with Xinet.
4.
Click the Save button to register any changes.
5.
[Optional note for servers bound to Active Directory that do no use Centrify]
Some systems may have local Apache users in the apache.userlist file and groups from the /usr/adm/webnative/groups file or C:\Program Files\Xinet\WebNative\Admin\groups file that were created before the system was bound to Active Directory or when Active Directory binding was disabled. If your system does, and you would like to use Xinet administration options with them, such as the Use Group List option described in this section, follow these steps:
a.
Using a text editor, open the system.userlist file that was created during the process used to bind the Xinet server to Active Directory. (Xinet TechNote 218 provides details.) This file resides in the /usr/etc/webnative directory on Unix systems and C:\Program Files\Xinet\WebNative on Windows systems.
b.
Add the following line to system.userlist and save the file.
UseApacheList=1
Local Apache users and groups will now be available for Xinet administration. (You can disable this by removing the line altogether or by changing =1 to =0.)
c.
Refresh your Xinet GUI cache. Begin again with Step 1. and add local groups as desired to your Group Lists.
On servers without Active Directory
Adding new Xinet groups and editing membership for existing groups are similar activities. For either, follow these steps:
1.
Select the Volumes/Users, Groups subtab.
2.
If it is a new group, click the New Group link and type in the name in the Group Name field, shown in Figure 0-2. If it is an existing group whose membership you are modifying, click on the Edit Group tab and choose the group with the pop-up Group Menu list. If an asterisk appears next to a group name, it means the group has a subadministrator.
Figure 0-2 Adding a new group
3.
Existing Xinet users appear in the Users list. Click on user names and use the Add> button to add them to the group. In a similar fashion, select and use the <Remove button to remove a member from the group membership list.
Depending on the number of users on your system, you may have to use a pop-up alphabetical-range selector to find users.
4.
When you are satisfied with your settings, click on the Add Group or Submit Changes button. You may also click on the Dismiss button if you do not want to save what you’ve just done.