Business Units are collections of Active Directory objects, whose membership is based on certain rules. For example, a Business Unit can include users with the word Sales in their Department property and members of the Sales Managers group. Business Units can contain objects located in different Organizational Units, domains and even forests.
Business Units can be organized in folders, which allows you to create a virtual hierarchy of Active Directory objects, and use Business Units instead of Organizational Units for browsing Active Directory.
You can also apply Scheduled Tasks, Business Rules, Security Roles, etc. to Business Unit members. For example, by assigning a Security Role on a Business Unit, you can allow your Help Desk to manage only the user accounts whose Employee ID starts with '1'.
In this tutorial, you will learn how to create a Business Unit and how to assign a Security Role over members of a Business Unit.
Launch Adaxes Administration Console.
Expand your Adaxes service, right-click Business Units, point to New and click Business Unit.
Enter a name for the new Business Unit and click Next.
On the Membership Rules page, you need to specify the criteria to include AD objects to the new Business Unit. Click the Add button.
Select whether you want to include specific objects, members of a group, objects located in an OU, or objects that match certain search criteria.
For example, if you want the Business Unit to include users with the word Sales in their job title, do the following:
Type Sales in the Job Title field.
If necessary, you can exclude objects from the Business Unit. For example, if you don't want the Business Unit to contain members of the Administrators group, you can exclude the group from the Business Unit.
Click the Add button.
Select Group Members.
In the Rule Parameters section, select the group whose members you want to exclude.
Check the Exclude specified objects checkbox.
On the Columns page, specify which columns will be visible by default for the Business Unit, configure sorting and grouping options.
You can delegate permissions to users on members of a Business Unit. Perform the following steps to assign a Security Role over a Business Unit:
Expand Configuration \ Security Roles and select the role you want to assign.
Click Add in the Assignments section.
Type the name of the group or user to which you want to assign the role and then click it.
Select Business Units in the Look in drop-down.
Click the Business Unit.
Click OK and then click Finish.
Click Save changes.