Assign users to administrator roles

 

Overview

The following steps are needed to assign users to administrative roles. In the administrative console...

  1. Click through...

    System Administration | Console Users or Console Groups.

  2. To add a user or a group, click Add on the Console users or Console groups panel.

  3. To add a new administrative user, enter a user identity in the User field, highlight Administrator, and click OK. If there is no validation error, the specified user is displayed with the assigned security role.

  4. To add a new administrative group, either enter a group name in the Specify group field or select EVERYONE or ALL AUTHENTICATED from the Select from special subject menu, and click OK. If no validation error exists, the specified group or special subject displays with the assigned security role.

  5. To remove a user or group assignment, click Remove on the Console Users or the Console Groups panel. On the Console Users or the Console Groups panel, select the check box of the user or group to remove and click OK.

  6. To manage the set of users or groups to display, expand the filter folder on the right panel and modify the filter. For example, setting the filter to user* only displays users with the user prefix.

  7. After the modifications are complete, click Save to save the mappings.

  8. Restart the server for changes to take effect.

 

Usage scenario: SAS

Before you assign users to administrative roles (administrator, configurator, operator, and monitor), set up your user registry, which can be LDAP, local OS, or a custom registry. Set up your user registries without enabling security. Once you assign users to administrative roles, restart the server for the new roles to take effect. However, the administrative resources are not protected until you enable security.

 

See Also

Administrative console and naming service authorization
Assigning users and groups to roles
Assigning users to RunAs roles
Console users settings and CORBA naming service user settings
Console groups and CORBA naming service groups
syncNode command