Groups
Groups allow you to create classes of users. Groups make access control administration significantly simpler because you can grant and revoke permissions to large numbers of users with a single operation on the group.
Each user can belong to as many groups as necessary. A user’s permissions are the union of the permissions of the groups the user belongs to, in addition to any permissions granted to the user directly.
You can create, remove, or add users to groups by specifying the groups in groups.conf, using the tibemsadmin tool, or by using the administration APIs. For more information about specifying groups in the configuration file, see groups.conf. For more information about specifying groups using the tibemsadmin tool, see EMS Administration Tool. For more information on the administration APIs, see the online documentation.