Manage interactions between ACM groups and Active Directory Services

The UITS Access Control Management (ACM) Group Management tool can interact with Active Directory Services (ADS) in the following two ways:

• Load members of an existing Active Directory group into an ACM group: For instructions, see "Add members of an existing ADS group" in Create, edit, or delete Access Control Management (ACM) groups. This is a one-time load of the members and no connection is maintained between the ACM group and the Active Directory group you used for the members list. If the membership of the Active Directory group changes after you create your ACM group, those changes will not be reflected in your ACM group and vice versa.
• Have an ACM group provision a brand new Active Directory security group:
  1. Go to Access Control Management (ACM).
  2. Select or create an ACM group. For help, see Create, edit, or delete Access Control Management (ACM) groups.
  3. On the "Group" page, under "Features", check Active Directory Services.

     This will create an Active Directory security group that contains the same members as your ACM group. ACM will automatically generate an ADS group name based on the group name you specified with an iu-entlmt- prefix added. Membership changes that you make to your ACM group will be automatically reflected in the associated ADS group. This includes removing people from the group if they leave the university or are not compliant with the relevant data use tutorials.

  This ADS group can also be made into a mail-enabled group, so that it can be used as a distribution list; for more, see Configure an ACM mail-enabled group.