Rule-based user groups
Rule-based user groups use a custom repository adapter for Virtual Member Manager (VMM) to define dynamic portal user groups.
Rule based user groups are represented by a unique group name, the LDAP search filter rule expression, and an optional description. The portal handles them as normal portal user groups. They are in a special base distinguished name in the user realm hierarchy. Administrators can create, define, update, or delete them using the VMM API in WebSphere Application Server or the Portal User Management Architecture (PUMA) in WebSphere Portal like other groups. Use these soft groups to assign security role mappings, portal access permissions, or visibility rules the same way as other portal user groups. The rule-based user groups feature handles the correct membership determination for the users during run time. These groups are persisted in the portal database, not in the main portal user repository. We do not need to enter them into the LDAP.
We can...
- Define a rule-based user group including the syntax validation of the rule.
- Modify the rule or description of an existing rule-based user group including the syntax validation of the rule.
- Search for rule-based user groups based on the group name.
- Resolve the rule-based user group membership for particular users during run time.
- Display the members of a particular rule-based user group.
- Delete an existing rule-based user group.
Displaying members can have an impact on the performance of the portal. Perform it only to verify the resulting set of members after defining a rule base group. Rule based user groups can contain only individual users, but not groups. After defining a rule-based user group, we cannot change the unique group name.
Parent Administering