You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -17,10 +17,10 @@ A helper script for doing this is already uploaded to the domain controller - yo
### {{lock}} SRE Security Groups
Each user should be assigned to one or more Active Directory "security groups", which give them access to a given SRE with appropriate privileges. The security groups are named like so:
Each user should be assigned to one or more Active Directory "security groups", which give them access to a given SRE with appropriate privileges:
-`SG <SRE ID> Research Users`: Default for most researchers. No special permissions.
-`SG <SRE ID> Data Administrators`: Researchers who can create/modify/delete database tables schemas. Given to a smaller number of researchers. Restricting this access to most users prevents them creating/deleting arbitrary schemas, which is important because some SREs have their input data in database form.
-`SG <SRE ID> Data Administrators`: Researchers who can create/modify/delete tables in the `data` schema on a `PostgreSQL` within `<SREID>``. Users outside this group can only read these tables. Restricting this access to most users prevents them creating/deleting arbitrary schemas, which is important because some SREs have their input data in database form.
