Deploy access right groups

In Case of Design & Work, a new authorization structure compiled on the basis of the read authorization structure in accordance with the Best Practice of Microsoft. This is the one of

  • new permission and list groups,
  • nesting of available groups and accounts in the new groups, as well as the nesting of new groups in each other, and
  • the access rights contained in the groups that have access to the directories.

1. Task of this function

In Case of Deploy Groups, the new authorization and list groups are written in the AD. In these, the provided groups and accounts are nested.
For this you need the write rights on the AD, for example the domain admin

Deploy Groups

2. Deploy-OU (Organizational Unit)

The groups are stored at OU of the AD. You have specified this in the OU (canonical name): "here it is once again in the field" Deploy-OU: ". In a standard case, migRaven will generate a further OU with the file server name below the OU specified by you and wants to store the appropriate groups in it. If you do not want this file server OU, you can assign the value "0" to the parameter "Server OU" in the migRaven.exe.config (more config options).

3. Configured list rights

In the group configuration below the list of rights, you could set which type of list should be assigned to which directory levels.
Here one displays again, which lists are assigned where.
The highlighted bar displays, list authorization groups are assigned from which level up to which level.
These are rights only for the current directory and include the authorization groups of the underlying authorization end points.

No list rights are assigned across the highlighted bars up to level 0.

The authorization groups have the following rights.

4. Following is generated

Here statistical data is made for the list and authorization groups.

5. One writes with the following account

Normally the groups are written in the AD, with which you started migRaven, If the rights of this account are not sufficient, you have the required rights. This account is only used for this write procedure.

6. Action - Start the write procedure

The Deploy is started with a checkmark in case of "I confirm this action" and by pressing the button "Start action".

7. report

The new AD-groups and the OU were created.

8. Status

If this work step succeeds, then the project gets status 2 in the project administration.

Permanent link to this post: