Group Access Manager - Security Groups
What is a Security Group?Â
Security Groups are used to control access to departmental resources. If you are a member of the security group for a shared folder or mailbox, that means you are authorized to access that folder or mailbox. Likewise, if you are not a member of the security group, you cannot access it.
Security group prefixes and what they mean:
AAD -Â : The 'AAD - ' prefix is attached to any group that controls Azure Active Directory Permissions.
AD - : The 'AD - ' prefix is attached to any group that controls Active Directory Permissions.
APP - The 'APP - ' prefix is used attached to any group that grants some form of access to a specified application.
File - :Â the 'File -' prefix is attached to any group that controls access to a shared folder.Â
Mail -Â :Â The 'Mail - ' prefix is attached to any mail related group. This includes departmental mailboxes, and resource calendars. If you are a member of a mailbox's corresponding group, you can access that mailbox.
VPN - :Â The ' VPN - ' prefix is attached to any group related to special access when connecting to the campus network via VPN.
Printer - :Â The ' Printer - ' prefix is attached to any group related to special access when connecting to printers.
WKSÂ - :Â The 'WKS - ' prefix is attached to a group related to workstation management.
Resource Calendar Suffixes:
Resource Calendars have descriptive codes at the end of their name to help you see what level of permissions each group grants:
RCAG - This is the administrative group for a resource calendar. Members of the administrative group have full access over all appointments.
RCUG - This is the user group for the resource calendar. Members of the user group have access over appointments they booked only.
RCROG - This is the read-only group for the resource calendar. Members of the read-only group cannot book appointments, or change appointments.
Mail Group Suffix
SMUG - This is the user group for a departmental mailbox. Members of the user group have access to all aspects of the corresponding mailbox.
Some groups cannot be modified with the Group Access Manager. In order to make changes to these groups, please submit an ITS Service Desk request.
AAD:: Azure Active Directory
AD::Active Directory Permissions
APP::Application Access
Dept::Server Access
DIST::Distribution GroupÂ
DYNMC::Dynamic Distribution Groups
File::Departmental Shared Folder
Footprints::Numera Footprints
Ghost::Ghost
GPO::Group Policy (GPO)
IIS::Internet Information Services (IIS)
Mail::Departmental UAlbany Mail account
Mail:DG:Distribution Group on prem
Mail:RCAG:Room Calendar-administrator access
Mail:RCDG:Room Mailbox-delegate access
Mail:RCROG:Room Calendar-reviewer access
Mail:RCUG:Room Calendar-user access
Mail:SMUG:Departmental UAlbany Mail account
MSSQL::MSSQL
npAD::Active Directory Permissions
npAPP::Application Access
npDept::Departmental
NPFile::Departmental Shared Folder
NPFile2::Not accessible by GAM
npFootprints::Numera Footprints
npMail::Departmental UAlbany Mail account
npMail:DG:Distribution Group on prem
npMail:RCAG:Room Calendar-administrator access
npMail:RCDG:Room Mailbox-delegate access
npMail:RCROG:Room Calendar-reviewer access
npMail:RCUG:Room Calendar-user access
npMail:SMUG:Departmental UAlbany Mail account
npPrinter::Network Printer
npPWA::Project Web App (PWA)
npVPN::Virtual Private Network access (VPN)
O365G::Office 365 Group
Printer::Network Printer
PWA::Project Web App (PWA)
SPM::Secure Password Manager
SPO::SharePoint Online
VMWare::Virtualization Software (VMWARE) access
VPN::Virtual Private Network access (VPN)
WKS::Provides elevated access to workstations (WKS)
WSUS::Windows Server Update services (WSUS)
Â
Â