Manage Users and User Groups

Learn how to add, edit, and delete users for each deployment.

This article refers to the MyCloudIT Gen 2 platform, which was launched in 2015. Look for MyCloudIT Gen 3 to be launched in Summer 2020.

Overview

This guide will show you how to add, edit, and delete users for each deployment.

Manage Remote Desktop Services in Azure (Part 1)

Add & Edit Users

  1. Click “+Add” button at the top right corner OR “Edit” button under Actions next to the user you want to manage.
  2. Fill out or edit the User information required.
  3. Select related Desktop Collection or/and RemoteApp Collection to put this new user in. Skip “Desktop collections” and “RemoteApp Collections” if there are no collections in the deployments
  4. Click “Group Settings (Optional)”. Here you can choose among Available Groups which ones that user belongs to, whether they be admin groups or a certain group with access to a specific Desktop collection or RemoteApp collection.
  5. Hit the Submit button when everything’s ready.

deployment-users-groups-1

To add multiple users using your Office 365 Active Directory, click here >>

Delete Users

  1. Click “Actions” button next to the user you want to edit, and then choose “Delete”
  2. Hit the Confirm button when you are sure to delete the user.

Add & Edit Groups

First, you’ll need to switch to the Groups view

  1. Click “+Add” button at the top right corner OR click “Actions” next to the group that you want to edit, and then choose “Edit”deployment-users-groups-2
  2. Fill out the information required:
    • Category:
      • Security: This type of group has a Security Identifier (SID) assigned to it from Active Directory. It can be used for assigning and controlling permissions to a resource. Security Groups can also be used for email distribution lists.
      • Distribution: Distribution groups can be used only with email applications (such as Exchange Server) to send email to collections of users. Distribution groups are not security enabled, which means that they cannot be listed in discretionary access control lists
    • Scope:
      • Universal: Universal groups are used in larger, multi-domain organizations where there is a need to grant access to similar groups of accounts defined in multiple domains. It is better to use global groups as members of universal groups to reduce overall replication traffic from changes to universal group membership. Users can be added and removed from the corresponding global group within their account domains and a small number of global groups are the direct members of the universal group. Universal groups are easily granted access by making them a member of a domain local group used to grant access permissions to resources. Universal groups are used only in multiple domain trees or forests that have a global catalog. A Windows 2000 domain must be in native mode to use universal groups. A domain model that has only a single domain does not need or support universal groups.
      • Global: Global groups are used for combining users who share a common access profile based on job function or business role. Typically, organizations use global groups for all groups where membership is expected to change frequently. These groups can only have as members user accounts defined in the same domain as the global group. Global groups can be nested to allow for overlapping access needs or to scale for very large group structures. The most convenient way to grant access to global groups is by making the global group a member of a resource group that is granted access permissions to a set of related project resources
      • Domain local groups are best used for granting access rights to resources such as file systems or printers that are located on any computer in the domain where common access permissions are required. The advantage of domain local groups used to protect resources is that members of the domain local groups can come from both inside the same domain and outside the domain. Typically, resource servers are in domains that have trust to one or more Master User Domains, or what are known as account domains (A domain local group can be used to grant access to resources on any computer only in native mode domains. In mixed mode, domain local groups must be on domain controllers only.)
  3. Click “Group Settings (Optional)” next to the “Group Configuration (Required)”. Basically there are a list of “Available Groups” could be added to “Groups Members”. This means, groups in the “Group Members” are belong the new creating group. Also, there are a list of “Available Users” can be added as “User Members” of new creating group as well.deployment-users-groups-3
  4. Hit the “Submit” button when everything’s ready

If administrators want to put all the users in a group, it is much easier to do in this view then just go to every single of the users and add them as a member of group.

If you need any assistance, email us at support@mycloudit.com.