All groups requirement

The Require all groups option ensures that only members of ALL groups listed in the role membership fields have the role's defined access.

In the preceding example, the role Administrators Only is shared by members of both Administrators and Arcadians user groups. We did not select the Require all groups option, so all members of either group get the privileges of the role. However, if we check the Require all groups options, only users who are members of BOTH Administrators and Arcadians user groups get the privileges of the role.

There are two other ways a user can be a member of the role, even when the Require all groups option is on:

  • If the user is named specifically in the Users section of the membership page.
  • For roles that are imported from the Sentry system, if the Groups section is empty, and the user is a member of ANY Sentry group.