Content Comparison

...

1. Log in to Grouper using SSO

2. Search for the DS folder

3. See the groups that you are able to administer

4. Note, this only shows the groups you have admin rights to, not member privileges.

When creating a group

1. use the prefix grp_ds_denodo

2. description should refer to a data steward

   1. members should all be run by the data steward before addition

3. Add grp_ds_denodo-admin to the group with ADMIN privileges. This gives Denodo admins the ability to administer the group.

4. When creating separate dev and read groups

   1. Add the dev group to the read group so all dev group members are synced with the read group automatically. This will ensure read access for devs will exist beyond dev, since only the read group should be promoted outside of dev.

5. If a dev group needs scheduler access, add the group to the grp_ds_denodo-scheduler-admin group

5. Add members to groups

   1. Only add members that have been approved by the data steward

   Adjust member permissions for groups

6. Import groups into denodo. Note: You may need to wait up to 30 minutes for grouper changes to get synced to AD before importing.

   Code Block
   Role base: DC=tufts,DC=ad,DC=tufts,DC=edu Attribute with role name: sAMAccountName Attribute with description: description Role search pattern: (&(cn=*denodo*)(objectcategory=group))

    

   

7. Assign roles and permissions as necessary

...