Table of Contents
In Case of Design & Work, a new authorization structure compiled on the basis of the read authorization structure in accordance with the Best Practice of Microsoft. This is the one of
- new permission and list groups,
- nesting of available groups and accounts in the new groups, as well as the nesting of new groups in each other, and
- the access rights contained in the groups that have access to the directories.
1. Task of this function
In Case of Deploy Groups, the new authorization and list groups are written in the AD. In these, the provided groups and accounts are nested.
For this you need the write rights on the AD, for example the domain admin
2. Deploy-OU (Organizational Unit)
The groups are stored at OU of the AD. You have specified this in the OU (canonical name): "here it is once again in the field" Deploy-OU: ". In a standard case, migRaven will generate a further OU with the file server name below the OU specified by you and wants to store the appropriate groups in it. If you do not want this file server OU, you can assign the value "0" to the parameter "Server OU" in the migRaven.exe.config (more config options).
3. Configured list rights
In the group configuration below the list of rights, you could set which type of list should be assigned to which directory levels.
Here one displays again, which lists are assigned where.
The highlighted bar displays, list authorization groups are assigned from which level up to which level.
These are rights only for the current directory and include the authorization groups of the underlying authorization end points.
No list rights are assigned across the highlighted bars up to level 0.
The authorization groups have the following rights.
4. Following is generated
Here statistical data is made for the list and authorization groups.
5. One writes with the following account
Normally the groups are written in the AD, with which you started migRaven, If the rights of this account are not sufficient, you have the required rights. This account is only used for this write procedure.
6. Action - Start the write procedure
The Deploy is started with a checkmark in case of "I confirm this action" and by pressing the button "Start action".
The new AD-groups and the OU were created.
If this work step succeeds, then the project gets status 2 in the project administration.