ScaleFT provides group management by optionally allowing a group of users in ScaleFT which has been granted permissions on a project to be synchronized as a local system group to servers in that project.
No additional configurations are added to ScaleFT-managed groups. These synchronized groups exist to support extensible configuration of permissions for users managed by ScaleFT with external configuration management tools. When a group is granted Admin rights on a project, those rights are managed independently of ScaleFT’s group management. It is not required to synchronize a group in order to grant Admin rights to that group.
By default, user groups in ScaleFT are not synchronized to servers. This feature must be explicitly enabled for each group to be managed.
ScaleFT’s Group Management feature is currently only generally available for Linux. Please contact Support to learn about our roadmap for supporting this feature on Windows.
This feature can be enabled when adding a group to a project or when updating a group that is on a project by checking the box to “Sync groups to servers.” The group will only be synced to servers that are enrolled in the project(s) on which you have enabled the flag for that group.
Groups managed by ScaleFT will contain the server user accounts that correspond to the ScaleFT users present in that group in the ScaleFT platform.
To avoid naming collisions, groups created by the agent are prefixed with
sft_. Groups created by ScaleFT are assigned a GID on a per project basis incrementally, starting with
63001. If the agent encounters a conflict with either the name or GID, it will attempt to take ownership of the conflicting group.
You can verify what groups the agent will manage from the
Permissions tab of the project under the
Managed Server Groups section.
To change whether or not a group will be synced to a server and managed by the agent, you may use the “Edit” button from the “Permissions” tab for the project. Check the “Sync groups to servers” option. If you later edit this group to not be synced to the server, the group will be deleted from the server and any users that were members of the group will be removed from it.
If you remove the group from the project or disable syncing the group to the project, the group will be removed from the server.