The Group administrator role enables the assignee to perform the following subset of the group-oriented actions supported by the administration portal:
- View groups
- Add new groups
- View group membership
- Manage group membership
- Edit group names
- Delete groups
The groups against which actions can be performed are limited based on the user groups associated with the role assignment.
Where a Group administrator creates a new group (as a subset of the users in groups associated with their role), the new group is automatically associated with any other roles the Group administrator has been assigned. For example, if a Group administrator is also a Catalogue administrator, User administrator and a Reporter, and they create a group called MyTeam, the MyTeam group will also be added to the scope of their other roles, so that they can target content, administer users, and report over the new MyTeam group.
IMPORTANT: Group administrators should only be given the the Password administrator role where the scope of the two roles is the same. If the Group administrator role is wider (for example, includes a larger set of users) than the Password administrator role, a Group administrator can automatically increase the scope of their Password administrator role by adding a new group.