With an isolation group, a user is limited to interacting with objects of the same isolation group. Isolation groups are linked to partitions and to the ProcessServerService.SAP.limit license key. Every isolation group requires its shared partition. When this license key is set to 0, you can create as many isolation groups as you want.

Every user has an isolation group. A user with an isolation group can only see users and objects of his enabled isolation group or the GLOBAL isolation group, provided he has the required system and/or object privileges. Objects inherit the isolation group of the partition in which they are stored. Regardless of privileges, a user will never be able to see or access an object with a non-GLOBAL isolation group if he does not have the same isolation group, enabled for the session, as the object.

This means that, when you log on, you choose your enabled isolation group for the session (if you have more than one) and this isolation group allows you to access objects which have the GLOBAL isolation group or the same one as your enabled one.

To create isolation groups, refer to the Assign Isolation Groups section of the documentation.