Creating Groups


Essentially, a group is nothing more than a list of users. Nevertheless, groups are used as a means to organize access to file and folder permissions, share points, Web sites, email groups, and managed workgroup settings.

This section discusses initial group configuration; the next section covers adding users to group lists. Implementation of groups in specific services is discussed in future chapters.

To create a group:

1.

Launch the Workgroup Manager tool located in /Applications/Server, and authenticate as the administrator (Figure 4.40).

Figure 4.40. Open the Workgroup Manager tool, and authenticate as an administrator.


2.

Click the Accounts icon in the Toolbar and the Group icon in the account types tab (Figure 4.41).

Figure 4.41. Click the Accounts button and the group tab in Workgroup Manager.


3.

Click the directory authentication icon , and select the appropriate directory database from the pop-up menu (Figure 4.42).

Figure 4.42. Select the appropriate directory database from the selection pop-up menu.


4.

Click the New Group button .

The information in the Members frame is populated with a new untitled group (Figure 4.43).

Figure 4.43. Enter the basic attributes for a group.


5.

Enter a new group name (long name), short name, and group ID.

Using the automatically generated Group ID is usually acceptable (Figure 4.44). It's good practice to keep the long name and short name the same, although doing so isn't required.

Figure 4.44. View the basic group information, including the group ID.


6.

When you've finished making changes, click the Save button .

You can now begin populating this group with members; see the section "Adding Users to Groups."

Tip

  • As is the case for user accounts, no two group short names or group IDs should be the same.


Assigning group folders

Just as a user can have a home folder, a group can have a group folder. The group folder is used as a common access point for all members of that group. Group folders aren't required for remote login access or any other services; they're convenient locations for shared files. However, group folders must reside inside a share point that your client computers can access. Refer to Chapter 5, "File Sharing," for more information about configuring share points.

To assign a group folder:

1.

In Workgroup Manager, navigate to the appropriate directory and group list that you wish to have a group folder (Figure 4.45). See steps 13 of the task "To create a group."

Figure 4.45. Use Workgroup Manager to navigate to the appropriate directory and group list.


2.

Select the group to which you wish to assign a group folder (Figure 4.46).

Figure 4.46. Select the group to which you wish to assign a group folder.


3.

Click the Group Folder tab (Figure 4.47).

Figure 4.47. Click the Group Folder tab.


4.

Select the share point where the group folder will reside by doing one of the following:.

  • If this server has been configured with network mount share points such as sharing the Group folder, select one of those shares from the list (Figure 4.48). (See the task "To create additional network mounts" in Chapter 5.)

    Figure 4.48. Select a group folder location from the network mount list.


  • Click the Add button , and specify a custom share point. You must specify the server's address, the share point, and the client's mount point (Figure 4.49).

    Figure 4.49. Specify the server's address, the share point, and the client's mount point.


5.

To specify an owner for the group folder, click the ellipsis button next to the Owner Name field.

A user drawer appears to one side of the main Workgroup Manager window (Figure 4.50).

Figure 4.50. When you click the ellipsis button, a user drawer appears to one side of the main Workgroup Manager window.


6.

Click and drag a user account from the user list to the Owner Name field (Figure 4.51).

Figure 4.51. Drag a user account to the Owner Name field.


7.

When you've finished making changes, click the Save button .

The group folder will automatically be created overnight on the server, provided the server is left running.

Tips

  • You can use command-line tools to enable disk usage quotas per group account. See "Setting disk quotas via the command line" for more information.

  • You can force the server to create the group folder immediately by entering the following command in the Terminal: sudo creategroupfolder.


Adding users to groups

Groups are generally more useful when you add accounts to their member list. Fortunately, Workgroup Manager provides an easy-to-use interface for managing group members. The next task shows you how to add users to groups; conversely, the task after that shows how to add groups to users.

To add users to a group:

1.

Launch the Workgroup Manager tool located in /Applications/Server, and authenticate as the administrator (Figure 4.52).

Figure 4.52. Open the Workgroup Manager tool, and authenticate as an administrator.


2.

Click the Accounts icon in the Toolbar and the Group icon in the account types tab (Figure 4.53).

Figure 4.53. Click the Accounts button and the Group tab in Workgroup Manager.


3.

Click the directory authentication icon , and select the appropriate directory database from the pop-up menu (Figure 4.54).

Figure 4.54. Select the appropriate directory database from the selection pop-up menu.


4.

Select the group to which you wish to assign users (Figure 4.55).

Figure 4.55. Select the group to which you want to add users.


5.

Click the Members tab , and then click the Add button next to the Members list.

A user drawer appears to one side of the main Workgroup Manager window (Figure 4.56).

Figure 4.56. When you clicking the Add button, a user drawer appears to one side of the main Workgroup Manager window.


6.

Click and drag a user account or list of users from the user list to the Members field (Figure 4.57).

Figure 4.57. Drag user accounts to the Members field.


7.

When you've finished making changes, click the Save button .

Tips

  • To delete group members, click the account in the Members list, and then click the Delete button .

  • On Mac OS X Server 10.3, you can't add a group to another group's user list.

  • Administrative users are automatically placed in the Admin group user list.


Adding groups to users

You may find it easier to manage groups by adding groups to users. However, it's important to understand that groups are only lists of user accounts. In Workgroup Manager, when you add a group to a user account, the system is actually adding the user account to that group's user list. This simulation of adding groups to users is another convenience provided by Mac OS X Server.

To add a group to a user:

1.

Launch the Workgroup Manager tool located in /Applications/Server, and authenticate as the administrator (Figure 4.58).

Figure 4.58. Open the Workgroup Manager tool, and authenticate as an administrator.


2.

Click the Accounts icon in the Toolbar and the User icon in the account types tab (Figure 4.59).

Figure 4.59. Click the Accounts button and the User tab in Workgroup Manager.


3.

Click the directory authentication icon , and select the appropriate directory database from the pop-up menu (Figure 4.60).

Figure 4.60. Select the appropriate directory database from the selection pop-up menu.


4.

In the user list, select the user or users you wish to add to a group (Figure 4.61).

Figure 4.61. Select the user or users you want to add to a group.


5.

In the user settings frame, click the Groups tab .

6.

Click the Add button next to the Other Groups list (Figure 4.62).

Figure 4.62. Clicking the Add button opens a group drawer to one side of the main Workgroup Manager window.


A group drawer appears to one side of the main Workgroup Manager window.

7.

Click and drag a group or list of groups from the group list to the Other Groups field (Figure 4.63).

Figure 4.63. Drag a group or list of groups to the Other Groups field.


8.

When you've finished making changes, click the Save button .

Tips

  • To delete group memberships, click the group in the Other Groups list, and then click the Delete button .

  • Mac OS X Server recognize a maximum of 16 groups per user. In other words, you can have as many users as you want in a group list, but a user can belong to only 16 different groups.

  • You can show the system groups by selecting Preferences > "Show system users & groups" in Workgroup Manager.


What Is a Primary Group?

Every user belongs to at least one group, their primary group. The default primary group for all users on Mac OS X Server is the Staff group (the Staff Group ID is 20). However, you can specify any group as a user's primary group in the user's Groups settings in Workgroup Manager.

You shouldn't remove the user from the primary group listing. You can, however, change the user's primary group, which removes them from the previous primary group.

The primary group is used by the system to determine the default permissions when a user creates a new file. Standard Unix behavior dictates that when a new file is created, the file's owner is the user who created it, and the file's group is the primary group of the user who created it. However, you can override this behavior in the AFP and SMB share point settings. (For more information on share points, see Chapter 5.)




    Mac OS X 10. 3 Server Panther. Visual QuickPro Guide
    Mac OS X Server 10.3 Panther: Visual QuickPro Guide
    ISBN: 0321242521
    EAN: 2147483647
    Year: 2004
    Pages: 105

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net