In the Name field, enter a name for the new local group.
The name of a predefined user or group cannot be edited and the field is dimmed.
In the Domain field, enter the domain name. You can select the Domain from the drop-down menu. If you enter a domain name that is not listed, you must enter the full domain name or an error message is displayed.
Optionally, in the Comment field enter a comment about the local group .
Optionally, select Memberships are set by user’s location in the LDAP directory checkbox. If this setting is enabled, when users log in or are identified through SSO, if their user object on the LDAP server is at the location specified in LDAP Location (or under it if appropriate), they are given membership to this user group for the session. This setting is disabled by default.
Local users and other groups also can be made members of the group on the Members view.
If you enable this setting, the LDAP Location field becomes active.
In the LDAP Location field, enter the location in the LDAP directory tree. The location can be given as a path (for example, domain.com/users) or as an LDAP distinguished name.
If LDAP user group mirroring is enabled, then for mirror user groups this field is read-only and displays the location in the LDAP directory of the mirrored group.
Select precisely where the location is from one of the For Users options:
at or under the given location (default)
at the given location
Optionally, to require one-time passwords for the group, select One-time passwords. If you enable this setting, users must have their email addresses set.