PingDirectory

Creating a group

You can add users as members to groups that delegated administrators create and manage. You can also add subgroups as members to a group.

The configuration for each delegated group type consists of the following elements:

Group REST resource type

Defines the attributes to locate groups in the directory information tree (DIT).

Parent DN or Parent resource type

Specifies the location in which to create groups in the DIT.

  • To specify a parent distinguished name (DN) for a resource type, enter the value in the Parent DN text box in the Resource Creation section. The parent DN is often identical to the search base DN, such as ou=customers,ou=Groups, dc=example,dc=com.

  • To specify a parent resource type, select a value from the Parent Resource Type list in the Resource Creation section. Delegated administrators are subsequently presented with a list box that lets them select a resource, and the group is created under the selected parent resource. If you specify a parent resource type, set a value for the Primary Display Attribute Type in the Delegated Admin section. This setting determines the values that are displayed in the Delegated Admin GUI. For example, a primary display attribute type of ou displays the ou value in the list box for each resource within the parent resource type.

Attributes

These attributes are presented to the delegated administrators.

To configure a group REST resource type, go to Configuration → REST Resource Types page in the PingData Administrative Console.

When creating or editing a REST resource type, the Search Base DN field in the General Configuration section determines the data structure that is searched in Delegated Admin, and the Display Name field in the Delegated Admin section specifies the label of the REST resource in the Delegated Admin GUI.

PingData Attributes
PingData Administrative Console Delegated Admin GUI

UI field

Window and section

UI field onNew Group page

Display Name

Configuration → REST Resource Types. Create or edit a REST resource type, and then go to the Delegated Admin section.

Select a Type label

REST Resource Type

Configuration → Delegated Admin Rights. Create or edit Delegated Admin rights, and then click New Delegated Admin Resource Rights.

Select a Type option

Parent Resource Type

Configuration → REST Resource Types. Create or edit a REST resource type, and then go to the Resource Creation section.

Display name for parent resource type

Display Name

Configuration → REST Resource Types. Create or edit a REST resource type, and then go to the Delegated Admin Attributes section. Click New Delegated Admin Attribute.

Additional fields such as CN, Description, Business Category, and Organization