I’m looking for some more info about the ideal setup of your groups, so that it’s easibly to manage. I was thinking the following way
-
Create Functional groups for each function that exists within a company (
-
Put these functional groups in so called department-groups and organization groups
-
Put organization-groups, department-groups within Access-groups. These access-groups give you access the databases through the ACL. SO I want to avoid having individuals within the access-groups
Problem is that many people have different functions, so it’s very difficult to define unique function-groups.
I hope you get my concern. Any best practices, theories about group-management and so on are very welcome.