Personal tools
Navigation
 
Document Actions

3.2. Using the Client Membership Service

Up one level
Using the Client Membership Service

Membership Service

The membership service makes it easier to manage groups of users and resources. Instead of giving every user access to every resource (n*m rules), given every user access to the group, and group members access to every resource (n+m rules). The Managing users and suppliers section of the client manual explains how this service is used, while this guide only covers how to set it up.

Before the membership service can be used, at least one person must be given the manager role, which permits them to create new membership groups.

To give someone the manager role on the service:

  1. Go to the main page (https://<servername>:8443/gria-client-mgt).

  2. Click on the Membership Service link.

  3. In the access control table at the bottom of the page, choose Subject DN is ... and click Add:

Access Control List

  1. Upload the certificate for the manager you wish to add into the form. Grant them the manager role. See the PBAC administrator's guide for more details about setting access control rules.

Managers can now create new membership groups, to which they can add users, as described in Managing users and suppliers.


Next: Using the Kerberos STS Previous: Using the Client Management Registry Service  
Powered by Plone CMS, the Open Source Content Management System