Group Management

Using CornellAD groups for authentication management

The Cornell Groups Management infrastructure provides a way for Cornell IT administrators and others to manage authorization to network resources via CornellAD Groups.

Some examples of how you might use Groups:

Groups can be used with CUWebAuth to allow only members of a specific group to access websites.
Groups can be used to delegate permission for CornellAD resources such as printers and file-sharing resources.
Groups can be used to set permissions in Exchange, for example, to share an Exchange calendar with a specific group.

CornellAD administrators can securely manage Active Directory with Quest Active Roles Server.

Service Details

Audience(s):

IT Professionals

Regulated Data:

Not applicable or information not available.

Support Contact:

IT Service Desk

Phone: (607) 255-5500

Form to Get Help (if you have a NetID)
Form to Get Help (if you don't have a NetID)
Support Hours: Monday-Friday, 8am-6pm (Eastern Time)
Emergency Service Disruptions: After Hours Support

Group Management Articles

see all

Managing Groups

About Dynamic Groups (CornellAD Group Management)

Setting up a dynamic group can be a complicated process. CIT's Identity Management group will be happy to help you. The simplest way to make someone (or an object) a member of a group is...

About Mail-Enabled Reference Groups (CornellAD Group Management)

All CornellAD reference groups based on the lowest level of the Peoplesoft HR Tree (typically at the department level) are mail-enabled for use with Exchange. (Peoplesoft calls these "Node 9...

Add Members to a Group (CornellAD Group Management)

Individuals who have access to manage CornellAD groups can add members via the console or web interface.

Assign Group Admin Rights (CornellAD Group Management)

There are two levels of control over the properties of a group. The vendor's documentation calls these Primary Owners and Secondary Owners. Primary Owners can modify any of the group's...

Change Displayed Columns (CornellAD Group Management)

Add, remove, or re-order columns on the Members page (and others).

Convert a Basic Group Into a Dynamic Group (CornellAD Group Management)

The act of turning a basic group into a dynamic group removes all existing members from the group, so we recommend creating a brand-new group (with no members), rather than re-using an existing...

Create a Group in CornellAD

How CornellAD administrators can create groups for many purposes, such as controlling who can access certain services, or emailing a group of people.

Create Membership Rules for Dynamic Groups (CornellAD Group Management)

There are many ways to use dynamic groups. Here we'll describe how to set up dynamic groups for a few common situations. The procedures below assume you are working with a brand new dynamic...

Find Node 9 Groups (CornellAD Group Management)

What's all this then? The information on this page is presented in the context of using CornellAD reference groups to set sharing permissions to Exchange calendars and mail folders,...

Mail-Enable a Group (CornellAD Group Management)

Mail-enabling a CornellAD group allows the group to be used in two additional ways. The group can be used in setting calendar and folder sharing permissions for Exchange accounts,...

Manage Your OU's Room List (CornellAD Group Management)

Room Lists are centrally-created groups that initially have no members. Organizational unit (OU) admins must add members (rooms and sometimes equipment) to their room list. When users...

Remove Members from a Group (CornellAD Group Management)

Individuals who have access to manage CornellAD groups can remove members via the web interface.

Switch a Group from Global to Universal (CornellAD Group Management)

When you create groups, it's a good idea to set them up as universal groups from the start. Groups must be universal in order to mail-enable the group or add a reference group as a member....

Temporal Membership (CornellAD Group Management)

The basic form of membership in a group starts when you add the member and ends when you remove the member. It is also possible for you to specify a starting time and date, an ending time and date...

View a Group's Members (CornellAD Group Management)

Using a supported browser, connect to manage.ad.cornell.edu. Log in using your NetID@cornell.edu or DOCID@cornell.edu account. Use the ID that has privileges to manage the group...

Was this page helpful?

Your feedback helps improve the site.

Comments?

To share feedback about this page, log in with your NetID.
Need assistance with an IT@Cornell service? Contact the Service Desk instead.

Search Filters:

Services

Quick Links and Search

How can we help?

Quick Login

Group Management

Service Details

Group Management

Audience(s):

Regulated Data:

Support Contact:

Group Management Articles

Managing Groups

Was this page helpful?

Comments?

Support

Follow IT@Cornell...