Managing Local Windows Groups

If you have Windows servers with local users and groups, you can add those servers to EmpowerID as managed account stores. This allows you to inventory local users and groups and manage those objects from EmpowerID, providing you with automated role-based access control, delegated permissions administration, provisioning policy capabilities with a full audit trail of any actions involving those objects. This article demonstrates how to manage local Windows groups in EmpowerID.

To manage local Windows groups

  1. From the Navigation Sidebar of the EmpowerID Web interface, navigate to Find Computer page by expanding Resources and clicking Computers.
  2. From the Find Computer page, click the Local Groups tab and then click the Advanced Search drop-down button shown below to open advanced search options. This allows you to limit the local groups appearing in the grid to those on a specific local Windows server that are managing.
  3. Type the name of your local Windows server in the Computer field and press ENTER. You should see all groups on the server appear in the grid.
  4. Click the Advanced Search drop-down to close the advanced search options and then search for the group on the local Windows server you want to manage.
  5. From the grid, click the Logon Name link for the group.
  6. This directs you to the View One page for the group. View one pages allow you to view and edit the objects to which they are linked.

  7. Expand the Group Members accordion. You should see all user accounts who are members of the group. If the computer is a local Windows computer that also belongs to an inventoried domain, you can have both local and domain user accounts in any of the local groups.
  8. You can add and remove members from the group as needed. To add a member, you type the name of a user account in the Enter Name to Add field and click the tile for that user account to select it.
  9. You can remove existing members by ticking the box to the left of the user account you want to remove.
  10. Notice that the Added and Removed flags have updated to show the number of user accounts being added and removed from the group.

    You can review what has been added and removed by clicking the drop-down arrow to the right of the flags.

  11. To submit your changes, click either of the Submit buttons. If you have the drop-down opened, you can click the Submit button there (as shown below), or you can click the larger Submit button.
EmpowerID maintains an audit log of all operations occurring in the system, including changes to group memberships. To view the audit log in the Web interface, expand System Logs on the Navigation Sidebar and then click Audit Log.