Manage from One Location, with Distributed Control
Grouper keeps the group membership decisions in the hands of the business/group owners, access control in the hands of the application owners, and the technology management in the hands of the technologists. Individuals can use the system to review their group memberships. IT administrators are relieved from the burden of keeping up with the day-to-day group changes and Grouper increases the overall integrity of the policy and technology interaction. Grouper makes it possible to use the same group or role in many places and automate changes to access privileges as a person's role changes.
Help Collaboration Happen
With Grouper, an owner sets up a group in one spot, feeding membership information to applications like email lists and calendars. The owner needs no technical skills to create, change, or delete groups or members. A researcher might create a group and enable members to participate on an email list or view a web site. Students use Grouper to set up and manage groups for similar applications as they work together on shared projects and class work.
Grouper enables group management institution-wide and on an individual level, providing more secure, robust, and responsive methods to control access to resources.
Ease Staff Support Load
Grouper separates the management of group memberships from the supporting technology. This reduces the end-user support calls associated with underlying infrastructure changes. Removing IT from the middle of managing groups will help ease your helpdesk headaches, as well.
In addition to group and access management, Grouper's design includes support for group management by distributed authorities, subgroups, composite groups (whose membership is determined by the union, intersection, or relative complement of two other groups), custom group types and custom attributes, auditing (so it's easy to determine who can access what), traceback of indirect membership, and delegation.