Recreate a deleted user group
All group accounts are identified with a unique identifier that is separate from the group name. Deleting a group account deletes the account's access rights but does not delete the group account's unique identifier. This means that creating a new group account with the identical name does not automatically provide access to the same resources as the previous group account.
When creating another group account with the same name, recreate the security settings of the account. Create permissions for the user group account when securing a resource.
To create an account using the name of a deleted account, set the security policy
Keep record of deleted accounts
to disabled
.
TIP:
User group accounts in the network directory are separate from the user group accounts in the local directory. Deleting a user group account from one directory does not delete the account from the other. To delete both accounts, log on to each directory separately.
Prerequisites
Recreating a deleted user group requires these permissions:
- Common > Create Children
- Common > List Children
- Common > Read
To recreate a deleted user group
- Add a new user group account. Choose one:
- If the security policyKeep Record of deleted accountsis disabled, create an account using the same name as deleted account.
- Recreate the security settings of the deleted account on the new account. Either:
- Add the user account to a group that already has the proper security settings defined
- Set permissions for a user account when securing a resource
- If using aWindows-linked user group account, theFactoryTalk Directoryrelies onWindowsto determine whether the user's name and password are valid, and whether the account is enabled or locked out. However,Windows-linked user accounts can be added toFactoryTalk Securityuser groups. This allows theFactoryTalk Directoryto determine aWindows-linked user's level of access to theFactoryTalksystem independently of the user's level of access to aWindowsdomain.
Provide Feedback