Key Groups & Roles

Setting up key groups and roles

Adding groups and roles and applying permissions. As you add users to your digital workplace, you need to ensure they belong to the right groups and are provided access to areas based on their specific roles and functions in the organization.

Identifying your key stakeholder groups

During the Plan Stage in your digital transformation journey, our Consultants identified the key stakeholder groups in your digital workplace.  Using this information, our Configuration Specialists map these key stakeholders into groups and roles within the digital workplace.  

We highly recommend using a directory service like Microsoft Azure AD to manage, map, and synchronize users and groups within your digital workplace. 


  • Centralize control of user management (e.g. adding and removing users)
  • Granular security levels/settings (e.g. by groups)
  • Policy management (e.g. password policy)

Organizing users into groups and roles

Users within your digital workplace should be organized into specific groups based on the different types of users, affiliations, and roles within the organization. Working with our Configuration Specialists, a "Group & Role"  taxonomy is created to align your users within your digital workplace.  This taxonomy is generally based on the following three criteria:


Types of users (by activity)

  • Viewers
  • Contributors
  • Publishers
  • Administrators

User groups (by affiliation)

  • Business units
  • Offices
  • Departments
  • Teams
  • Communities
  • Level

Roles (by system rights)

  • Communicators
  • Content managers
  • Membership managers
  • Administrators

The benefits of applying this type of group/role taxonomy to your digital workplace are tremendous as it:

  • Allows employees to interact with each other effortlessly
  • Facilitates open communication and collaboration in a secure fashion
  • Groups representative associations within the organization
  • Enables employees to do their jobs

Applying group permissions

Our Configuration Specialists work with you to create specific groups and roles for each digital workplace. This is managed within the Membership section of the Control Panel. Specific groups and roles can also be applied to any solution. Once the default groups have been set up in your digital workplace, permissions (e.g. access rights) can be applied to any location, solution, or content within the digital workplace.

Permissions can also be set for a specific member or group within your digital workplace. Levels of access include:

  1. No access
  2. Read
  3. Write
  4. Edit
  5. Full

Video: Managing Members

Video: Intro to Groups

Video: Using Roles to Share Responsibility

Video: Introduction to Access Rules

PlaybookTip_Icon.png Playbook Tip: Adding users to your digital workplace
There are four ways to add members to your new digital workplace:

  1. Invitations: The Igloo platform can send an invite to specific people via email. The email recipient must accept the invitation and complete the registration process including a CAPTCHA (to ensure that the response is generated by a human being).
  2. Add members: The Igloo platform allows people to be added to the system and allows them to be assigned to specific groups. This eliminates the need to invite people manually and have them go through the registration process.
  3. Bulk user import: The Igloo platform allows authorized users to bulk upload people into a site from a pre-formatted spreadsheet. This eliminates the need to invite people manually and have them go through the registration process.
  4. LDAP Sync Tool (ILST): This is a dedicated, installable application which allows IT Administrators to automatically sync their corporate Active Directory with the Igloo platform. ILST syncs both Group and Personal Profile data stored in the corporate Active Directory (AD) to the Igloo Platform. ILST is installed and runs on the AD server and updates the Igloo Platform to mirror the AD structure it is synced with. ILST only reads data from the corporate LDAP directory; it will not modify or remove any data. 

Viewed 614 times