Security groups for access control of task-based data services

What are security groups?

Access to task-related data services, such as email accounts and storage space on the file server, is controlled using security groups. Members of the relevant security group are granted access rights to the corresponding data service. They then access the service with their personal username (BA number) and password.

Security groups are identified, just like data services, using the institution's registered abbreviation. Examples:

  • Display name of the email account: RZ-Leitung
  • Email address: leitung.rz@uni-bamberg.de
  • Security group designation: rz | Leitung | Sicherheitsgruppe Exchange (leitung.rz@uni-bamberg.de lesen und versenden)

The facility's management, as listed in the directory of abbreviations, is responsible for the security group and for maintaining its membership.

How can someone become a member of a security group?

Members of a security group can be added or removed either manually or automatically.

Delegate administrative authority

By default, the head of an organizational unit is a member of the security groups associated with task-related services. However, the head may delegate the management of security groups to other individuals.

Manually managing a security group

If you want to add or remove individuals from a security group, you can do so via the IAM-Portal (Area with User Account).

Manually managing security groups is useful when not all members of an organizational unit are supposed to have access to, for example, a file server or an email account.

Automatically assign access rights to all employees in an organizational unit (user group)

If you want all your current employees to have access to, for example, a file server and/or a work-related email account, you can add the user groups “Full-time University Staff” and/or “Part-time University Staff” (e.g., student assistants) as members of the corresponding security group via the IAM-Portal (Area with User Account).

These two user groups are automatically populated based on data from the HR system. This eliminates the need for manual assignment of access rights.

If not all members of a user group (full-time or part-time) are supposed to have access to a task-based data service, you cannot use the user group and must continue to manage access rights manually. If additional users who do not belong to your organizational unit are to be granted access rights, they can be added as members to the data service’s security group in addition to the user groups.

Do you have any questions?

IT-Support
Telephone: +49 951 863-1333
E-Mail: it-support(at)uni-bamberg.de