Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.23
  3. Managing administrators, users, and groups
  4. Creating and managing user groups
  5. Create a directory-linked group

Create a directory-linked group

You can create user groups that link to groups in your company directory.
BlackBerry UEM
 periodically synchronizes the membership of a directory-linked group with its associated company directory groups. When a user is added or removed from the company directory, they are added or removed from the directory-linked group. The profiles, policies, and apps that you assign to the directory-linked group are assigned to the users in that group. When users are removed from group, those properties are removed.
  1. In the management console, on the menu bar, click
    Groups > User
    .
  2. Click The Add a directory-linked group icon.
  3. Type the group name.
  4. In the
    Linked directory groups
     section, do the following:
    1. Click The Add icon.
    2. Type the name or partial name of the company directory group that you want to link to.
    3. If you have more than one company directory connection, select the connection that you want to search. After you have made this selection, the directory-linked group is permanently associated with the selected connection.
    4. Click The Search icon.
    5. Select the company directory group.
    6. Click
      Add
      .
    7. If necessary, to allow the directory settings to control the number of nested groups, select the
      Link nested groups
       check box. To link to all nested groups, leave the check box unselected.
    8. Repeat these steps to link additional groups.
  5. Do any of the following:
    Task
    Steps
    Assign a user role to the directory-linked group.
    1. In the
      User role
       section, click The Add icon.
    2. In the drop-down list, click the name of the user role that you want to assign to the group.
    3. Click
      Add
      .
    Assign an IT policy or profile to the directory-linked group.
    1. In the
      IT policy and profiles
       section, click The Add icon.
    2. Click
      IT policy
       or a profile type.
    3. In the drop-down list, click the name of the IT policy or profile that you want to assign to the group.
    4. Click
      Assign
      .
  6. If you want to assign an app or app group to the directory-linked group, do the following:
    1. In the
      Assigned apps
       section, click The Add icon.
    2. Search for and select the app or app group that you want to assign.
    3. Click
      Next
      .
    4. In the
      Disposition
       drop-down list, select one of the following:
      • Required
        : Install the app automatically on devices and prevent users from uninstalling the app.
      • Optional
        : Allow users to install and uninstall the app.
      • Denied
         (
        Android
         only): Prevent users from installing the app.
    5. If you are assigning a
      Google Play
       app to
      Android Enterprise
       and
      Android Management
       devices, and you set the
      Disposition
       to required or optional, in the
      Update Mode
       drop-down list, click the appropriate option:
      • Default
        : When a new version of the app is available in
        Google Play
        , the device is notified. Any restrictions or conditions from an assigned device SR requirements profile are applied to the app update.
      • High Priority
        : When a new version of the app is available in
        Google Play
        , the device is notified. Any restrictions or conditions from an assigned device SR requirements profile are ignored. In larger deployments this can take up to 24 hours.
      • Postpone
        : When a new version of the app is available in
        Google Play
        , the device is notified after 90 days, then the update is applied using latest available version. Any restrictions or conditions from an assigned device SR requirements profile are applied. Note that users can manually update the app at any time.
    6. If you are assigning an
      Apple
       VPP app, and you set the
      Disposition
       to required or optional, in the
      Update Mode
       drop-down list, click the appropriate option:
      • Default
        : When a new version of the app is available, it will be pushed to devices automatically.
      • Postpone
        : When a new version of the app is available, it will not be pushed to devices automatically.
    7. For
      iOS
       devices, to assign per-app VPN settings to an app or an app group, in the
      Per app VPN
       drop-down list, select the settings to associate with the app or app group.
    8. If you assign an
      iOS
       or
      OS X
       app, choose the appropriate value in the
      Target
       drop-down list:
      • Work
        : The app is installed as a work app that you manage with
        UEM
        .
      • Personal
        :
        • If it is not a VPP app, the app is managed by
          UEM
           and a “personal” label is associated with the assigned app in the management console. The personal label does not impact how the app is managed on devices.
        • If it is an
          iOS
           or
          OS X
           VPP app with the
          Disposition
           set to Optional, the user will be redirected to the
          App Store
           to install the app as unmanaged. Unmanaged apps cannot be removed from devices by
          UEM
           and are not subject to
          UEM
           controls such as IT policy rules. When you set the app assignment as Optional and Personal, you are prompted to assign the appropriate VPP user license to devices so it can be treated as an unmanaged app. You must set “Assign license to” to “User” to make it an unmanaged app.
    9. If available, for
      iOS
       and
      Android
       devices, in the
      App configuration
       drop-down list, click the app configuration that you want to assign to the app.
    10. If you use
      Android Enterprise
       and have created tracks for apps in the
      Google Play
       console, in the
      Track
       drop-down list, click the track to assign to the app.
    11. Click
      Assign
      .
  7. Click
    Add
    .