Groups

Groups are defined subsets of users or groups. Groups can be created manually or imported. They are also created automatically when importing users.

Assign a role

When you edit or create a new group, you need to assign one or more roles. Assign roles to a group to give the members specific permission on the system e.g. give the student group the member role. And create a group teachers with the moderator role.

Select a role in the left column and click on >> to assign the role to the (new) group.  Click Add to commit your work, or continue with Members to add members.

Add members

Select the tab members and click Add to add members or groups to this group.

Select group or user and start typing in the Name field. Existing groups/members will be suggested.

 

Download Secret key

When combined with the permission Download group's secret key the interface will show an additional feature to download a key. This secret key can be used when setting up communication with other applications via the Presentations 2Go API.

 

 

 

Import groups

Create or download an example csv file in the following format to bulk import/create users into groups.

 

group,username,isgroup,action
group1,user1,FALSE,import
group1,user2,FALSE,delete
group1,group2,TRUE,import
group1,group3,TRUE,delete
group1,group4,TRUE,delete

Use the isgroup parameter to create groups into groups. Groups that are not yet registered will automatically be created.

In saml mode identifying users based on username or email address might not always uniquely identify the user. That’s why we use Username, Email address and eduPersonTargetedID. This means you can use either username, or username and email address or eduPersonTargetedID and username and email address in the username column.

So:

Group,Username,isgroup

Group,Username|emailaddress,isgroup

Group,EdupersonTargetedID|Username|emailaddress,isgroup

NOTE: Restrict the amount of entries. Too many entries will cause time-out issues. Large lists are better processed automatically.

If you are in a federated environment and allow access to users from other organizations en you cannot guarantee that these users one unique emailaddress per organization (for example if organisations allow Hotmail address), you should also use EdupersonTargetedID in your csv files.

NOTE: SAML authenticated servers need to add additional information when removing users in bulk. Since the unique username is now a combination of 3 attributes.

E.g.:

group1,| |uid01,false,delete
group2,|email@address.eu|,false,delete
group3,ae234356f2123bbc6395339c364cdba5674cd1fc||, false,delete

Automatic groups in SAML2

If you use SAML2 as authentication provider, you can use the eduPersonAffiliation attribute to grant membership of groups based on the affiliation. Affiliation attributes often used (eg. In OpenConext) are “Employee” and “Student”.

When you create a group affiliation.Employee, a user logging in with the eduPersonAffiliation attribute set to Employee, will automatically become member of that group. Similar you can use the group affiliation.Student to detect users with the eduPersonAffiliation attribute set to Student.

Like Authenticated Users and Anonymous users groups, membership of that group is automatic and you don’t have to add users in that group.

Have more questions? Submit a request

Comments