3.1.1 Abstract Data Model

This section describes a conceptual model of possible data organization that an implementation maintains to participate in this protocol. The described organization is provided to facilitate the explanation of how the protocol behaves. This document does not mandate that implementations adhere to this model as long as their external behavior is consistent with that described in this document.

The following diagram provides a high-level overview of the relationship between users, groups, and role definitions that are used in the operations of this protocol.

Figure 2: Abstract data model

The protocol server manages information about the following entities:

  • Users with permissions to access the sites within the site collection managed by the protocol server. Each user has an identifier.

  • Groups of users. Each group has an identifier.

  • Role definitions, which have a set of permissions associated with them. A role definition is the same as a role and refers to the same entity. Each role definition has an identifier.

  • Sites for which the protocol server manages users and groups. A site collection consists of all the sites that are managed by the protocol server.

In addition, the protocol server manages information about the following relationships:

  • which users belong to a group.

  • which users are assigned to a role definition.

  • which groups are assigned to a role definition.

  • which role definitions are defined for a site.
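The entities and relationships listed above can be held in a small in-memory model for access review. The following is an added example, not part of the specification: it assumes a user's effective permissions on a site are the union of the permissions of every role definition defined for that site that reaches the user directly or through a group. All identifiers, site paths and permission names are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class SiteCollection:
    """Constructed in-memory model of the entities and relationships listed above."""
    role_permissions: dict = field(default_factory=dict)  # role definition id -> permissions
    group_members: dict = field(default_factory=dict)     # group id -> user ids
    user_roles: dict = field(default_factory=dict)        # user id -> role definition ids
    group_roles: dict = field(default_factory=dict)       # group id -> role definition ids
    site_roles: dict = field(default_factory=dict)        # site -> role definition ids

    def grants(self, user_id, site):
        """Return sorted (role_id, via) pairs reaching user_id on site.
        via is 'direct' or the id of the group that carries the role."""
        defined = self.site_roles.get(site, set())
        found = {(r, "direct") for r in self.user_roles.get(user_id, set()) if r in defined}
        for group_id, members in self.group_members.items():
            if user_id in members:
                found |= {(r, group_id)
                          for r in self.group_roles.get(group_id, set()) if r in defined}
        return sorted(found)

    def effective_permissions(self, user_id, site):
        """Union of permissions over every grant path (assumed semantics)."""
        perms = set()
        for role_id, _via in self.grants(user_id, site):
            perms |= self.role_permissions.get(role_id, set())
        return perms

def build_sample():
    # Constructed sample data; identifiers and permission names are made up.
    return SiteCollection(
        role_permissions={"reader": {"view"}, "editor": {"view", "edit"},
                          "admin": {"view", "edit", "manage"}},
        group_members={"g-staff": {"u-alice", "u-bob"}, "g-ops": {"u-bob"}},
        user_roles={"u-alice": {"editor"}},
        group_roles={"g-staff": {"reader"}, "g-ops": {"admin"}},
        site_roles={"/sites/hr": {"reader", "editor"}, "/sites/it": {"reader", "admin"}},
    )

if __name__ == "__main__":
    sc = build_sample()
    for user in ("u-alice", "u-bob"):
        for site in sorted(sc.site_roles):
            print(user, site, sc.grants(user, site),
                  sorted(sc.effective_permissions(user, site)))
```

Listing the grant paths next to the permission set shows whether removing a direct assignment actually removes access, or whether a group assignment still carries the same role.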