Scope of groups

The default tasks and associated access control items set the scope of activities for members of predefined and customized groups.

• Scope of a customized group
  A major business reason to customize groups is to increase or limit the scope of activities for group members. We might begin by examining the scope that the predefined groups have.
• Users with no membership in a default group
  A user who has no membership in a default group can view and change the user's own profile. The user can also view and change other information, activities, and accounts and access.
• Scope of the Auditor group
  The scope of activities for members of the Auditor group is primarily to request reports and search for other information.
• Scope of the Help Desk Assistant group
  The scope of activities for members of the Help Desk Assistant group is primarily to control the passwords, profiles, and accounts of other users.
• Scope of the Manager group
  The scope of activities for members of the Manager group is primarily to manage the accounts, profiles, and passwords of their direct subordinates.
• Scope of the Service Owner group
  The scope of activities for members of the Service Owner group is to manage a service, including the user accounts and requests for that service.

Parent topic: Group management issues