If your organization has a default UNIX administrators group or security group that you want to be available on all UNIX computers, that group is a good candidate for importing into the parent zone. Other groups that might be candidates for the parent zone are special purpose UNIX groups that own sudoers permissions that apply to all UNIX computers or an auditing group that requires access to all computers.
If you have identified any common groups, use the Import from UNIX wizard or a script to import the UNIX groups that should be available for all computers into the top-level parent zone.
- Start Access Manager.
- In the console tree, expand Zones and the top-level parent zone.
- Select UNIX Data, right-click, then click Import from UNIX.
- Click UNIX configuration files, then click Browse to locate and select the group file to import, then click Next.
- Select the option to automatically shorten the UNIX name, if desired, then click Next.
- Leave Store in Active Directory selected and click Next.
Select Check data conflicts while importing, then click Finish.
This step places the profiles under Groups as Pending Import.
- Select one or more group names that are Pending Import, right-click, then select Create new AD groups.
- Click Browse, navigate to the UNIX Groups organizational unit and click OK, then click Next.
Click Add a prefix to group name, type the parent zone name and an underscore (_), select the group scope as Global, then click Next. For example, if the parent zone name is arcadeGlobal, use the prefix arcadeGlobal_.
Optionally, click Add a suffix to group name and type a suffix that identifies the group as a UNIX security group, for example, _unix.
- Review the information displayed, then click Finish.
For more information about importing groups, see the Administrator’s Guide for Linux and UNIX.