Configuration of Self-Service

Overview

CayosoftWeb Portal provides a Self-Service container. This container includes a set of Web Queries:

NOTE: Active Directory Self-Service web queries require connected users to be from the managed domains.

1. My AD Groups, My AD Users, My AD Users (expiring): display the Active Directory users and groups managed by the user who is running the query. Each user will see only the objects that they manage.

2. My Office 365 Groups, My Office 365 DLs: display the Office 365 groups managed by the user who is running the query.

3. My AD Memberships: users can see their membership in Active Directory groups and can add themselves to groups that are published for discovery. Learn more in: Configuration of Group Publishing.

4. My Cloud Memberships: My Cloud Memberships web query displays the Microsoft 365 groups for which a user is a member.

5. My Company Directory: users can find the phone numbers of their colleagues and some other business information: office, department, title.

6. My Pending Tasks, My Request Status: display the work items for approval and certification that are assigned to the user who is running the query or checking their status.

7. My Teams: display the Teams managed by the user who is running the query.

Configure Role-Based Delegation for Self-Service

Follow the steps below to create Group Self-Service Role:

1. In the Cayosoft Administrator console, navigate to Configuration > Roles > Web Administrators.

2. Click Add Delegation Rule.

3. In the Name field of the new rule type Self-Service.

4. Below the Trustee list, click Add.

5. Click Search to return a list Active Directory Groups.

6. Select the group that represents the users who will be allowed to manage their users and groups.

7. Click OK.

8. Below the Trustees Permissions, click Add Scope - the Specify Policy Scope dialog box appears.

9. In the All Admin Units, check Self-Service.

10. In the All Web Queries, check My AD Groups.

11. In the All Actions, check Properties, Suspend Group, Undo suspend.

    NOTE: There are multiple Actions named Properties and Undo Suspend. Place the mouse over each until you see the tooltip Group Properties appear, that is the correct action to check.

12. Click OK at the bottom of the Specify Policy Scope dialog,

13. Open the Object Pickers section.

14. Check AD Groups and AD Users.

15. Click Save changes.

Assign a user to manage a group

1. Logon to the Web Portal as an administrator who can manage groups.

2. Expand Active Directory > AD Groups.

3. Enter the name of the group being assigned to the user in the search field and click Search Objects.

4. Click the check-box to the left of the group name and click the Properties web action on the right.

5. At the top of the Modify Group dialog, click Managed By.

6. Click Change.

7. In the search field, enter the first few letters of the group manager’s name then click Search Objects.

8. Click the checkbox to the left of the group manager’s name then click OK.

9. In the Modify Group dialog box click Update.

Configure Role-Based Delegation for My Company Directory

Follow the steps below to create the My company directory role:

1. In the Cayosoft Administrator console, navigate to Configuration > Roles > Web Administrators.

2. Click Add Delegation Rule.

3. In the Name field of the new rule, type Self-Service.

4. Below the Trustee list, click Add.

5. Click Search to return a list Active Directory Groups.

6. Select the group that represents the users who will be allowed to see the employees' contact information.

7. Click OK.

8. Below the Trustees Permissions, click Add Scope - the Specify Policy Scope dialog appears.

9. In the All AdminUnits, check Self-Service.

10. In the All Web Queries, check My Company Directory.

11. Click OK at the bottom of the Specify Policy Scope dialog box.

12. Click Save changes.