Specifications
55
Creating Groups
Groups represent the alternative type of principal. Groups offer a more convenient type for larger
enterprises with a greater user base. This chapter details what a group represents and how they are
utilized.
By the end of this chapter the reader should have a sound understanding of groups and how they can
be used to provide structure to a user base.
What are Groups?
Principals define users in two forms: the singular being represented by a single account and the plural
being a collection of accounts.
Groups allow for a more structured approach to account management; allowing an administrative user
to categorize types of accounts under one heading as the diagram below shows.
Groups can be manipulated within the system as single entities but remember that all operations on the
group will affect all accounts within the group. For example, an SSL tunnel resource can be linked to a
single group and instantly every user within that group will be granted access to the attached resource.