Users can be added as members to groups that delegated administrators create and manage. Subgroups can also be added as members to a group.

The configuration for each delegated group type consists of the following elements:

  • Group REST resource type – Defines the attributes to locate groups in the directory information tree (DIT).
  • Parent DN or Parent resource type – Specifies the location in which to create groups in the DIT.
    • To specify a Parent DN for a resource type, type the value in the Parent DN text box in the Resource Creation section. The Parent DN is often identical to the Search Base DN, such as ou=customers,ou=Groups, dc=example,dc=com.
    • To specify a Parent resource type, select a value from the Parent Resource Type list box in the Resource Creation section. Delegated administrators are subsequently presented with a list box that lets them select a resource, and the group is created under the selected parent resource. If you specify a Parent resource type, set a value for the Primary Display Attribute Type in the Delegated Admin section. This setting determines the values that are displayed in the Delegated Admin GUI. For example, a Primary Display attribute type of ou displays the ou value in the list box for each resource within the Parent resource type.
  • Attributes to present to the delegated administrators.

To configure a Group REST resource type, use the Edit Group REST Resource Type page in the PingData Administrator Console. The Search Base DN value in the General Configuration section determines the data structure that is searched in Delegated Admin, and the Display Name value in the Delegated Admin section specifies the label of the REST resource in the Delegated Admin GUI.

PingData Administrator Console Delegated Admin
UI Form Field Page and Section UI Form Field on Create a New Group Page
Display Name General Configuration > Delegated Admin Select a Type label
REST Resource Type Edit Delegated Admin Rights > Delegated Admin Resource Rights Select a Type option
Parent Resource Type General Configuration > Resource Creation Display name for Parent resource type
Display Name General Configuration > Delegated Admin Attributes Additional elements like CN, Description, Business Category, and Organization