Group

IBM Security uses existing Active Directory groups to manage the members of UNIX groups.

Syntax

public interface IGroup

Discussion

The Group class provides access to methods and properties that enable UNIX group profiles to be linked to Active Directory groups and that you can use to manage UNIX profiles associated with Active Directory groups. The additional UNIX-specific attributes that make up the UNIX profile for a group are stored and managed within the GroupUnixProfile object.

Methods

The Group class provides the following methods:

Method Description
AddUnixProfile Adds a new UNIX group profile to a zone.
Commit Validates and saves changes to the Group object in Active Directory.
CommitWithoutCheck Saves changes to the Group object in Active Directory without performing any validation.
GetDirectoryEntry Returns the directory entry for an Active Directory group object from Active Directory.
GetRoleAssignmentsFromDomain Returns the collection of all role assignments for a group in a specified domain.
GetRoleAssignmentsFromForest Returns the collection of all role assignments for a group in a specified forest.
Refresh Reloads the Group object data from the data in Active Directory.

Properties

The Group class provides the following properties:

Property Description
AdsiInterface Gets the IADs interface for an Active Directory group.
ADsPath Gets the LDAP path for an Active Directory group.
ID Gets the unique identifier for an Active Directory group.
UnixProfiles Gets the GroupUnixProfiles object associated with an Active Directory group.