Users do not generally understand security infrastructure. While they may be able to identify a network UNC which they need to access (e.g., because someone they are working with put a file there and told them where to get it), they generally have no idea why they cannot access that UNC, or how to go about getting access.
A consequence of this is that whenever users need new rights, they call the help desk complaining about an "access denied" error. This call is typically escalated to a security team, which:
- Investigates the user complaint.
- Sees which groups have appropriate rights, and that the user is a member of none of them.
- Tries to figure out which group to add the user to.
- Tries to figure out how to authorize this change.
- If authorized, add the user to the group.
This is a long, complicated process that solves a rather simple business need: get users the rights they need, when they need them..
Hitachi ID Group Manager replaces this process with self-service. Users can find the network resource they are having trouble with using the Group Manager web UI. Note that users do not search for groups -- they search for UNCs, as shown here: