iManager also uses property books as used in the ConsoleOneTM utility. Property books can assist in the viewing and management of a large number of attributes.
Create a new role that will hold the property book.
Create a property book.
In the Group Management > Modify Group task, there are two tabs: General and Security.
Under the General tab are three items: Identification, See Also, and Members.
Under the Security tab is one items: Security equal to me.
Any user that is an assigned member of the Modify Group task can administer these four items on any group within the eDirectory scope defined.
For some organizations that use a decentralized approach to administration, this level of responsibility assignment is not granular enough. This is where property books can be utilized to define administration responsibilities in a granular manner.
For example, you might want to allow certain users to only be able to modify the members of a group and not be able to modify the group identification information or security equivalent settings. To accomplish this
Create a role called "Group User Admin." Do not assign any tasks to the role when prompted. Assign members and scopes.
Create a new property book called "Group Users."
Select an rbsModule.
Select the objects the property book will manage.
Select the pages to assign to the property book. This pages that appear are dependent on what objects were selected. Only select "manageGroupUsersPage."
Assign the property book to the Group User Admin role you just created.
Select Finish.
Now, when a user assigned to the Group User Admin role logs in and selects this role, they will see the property book "Group Users." Selecting this and entering a group to manage will only allow the user to administer the group users and no other pages related to the Group Management role.