Overview of user accounts and user groups

User accounts and user groups

A user account represents a person who is using the application. Each user account has associated content, including the person's profile. For all users, you can use the Admin Console to change their user name and password, view and delete the content they've created, and view and edit their profile information. You can also disable users, for example when they're no longer involved, but you want to keep their content. For more information, see Managing user accounts.

A user group collects user accounts, typically in order to make it easier to grant all of the collected users certain permissions. For example, you might create a group of human resources workers so that you can give them (and only them) permission to view potentially sensitive information about employees in a Benefits space. A user group is made up of members, who typically aren't aware they're in the group, and administrators, who have the Admin Console access through which they can manage user group settings and membership. For more, see Managing user groups.

External user identity systems

The work you do with user accounts and user groups depend heavily on whether the application is connected to an external user identity management system. Generally, when you add user accounts and user groups by using the Admin Console, you're adding that data to the same database used to store content. This isn't typically the case if the application is connected to an external user identity system such as LDAP or Active Directory. In that case, much of the information about users is coming from — and managed within — the external system.

By default, even if your community uses an LDAP or Active Directory database (or some custom solution), the users you add through the Admin Console are added to the application's database and not the external system. It is also possible that user accounts are managed by the external system, but the groups they're members of are created and managed locally in the application database. How user groups are managed is defined when the external system is connected to the application.

For more information on connecting an external LDAP or Active Directory system, see Setting up LDAP and Active Directory.

User registration

You can configure the application so that users can register on their own. When you enable user-created accounts, people can register by entering basic required registration information (such as a user name and password), along with user profile information. They can also invite other people to join the community.

For information on configuring registration, see the Configuring self-service user registration.