How to Assign Device Authorizations
The Allocate Device authorization enables users to allocate a device. The Allocate Device authorization, and the Revoke or Reclaim Device authorization, are appropriate for administrative roles.
Before You Begin
You must be in the Security Administrator role in the global zone.
If the existing profiles are not appropriate, the security administrator can create a new profile. For an example, see How to Create a Rights Profile for Convenient Authorizations.
-
Assign to the user a rights profile that contains the Allocate Device authorization.
For assistance, see the online help. For the step-by-step procedure, see How to Change the RBAC Properties of a User in System Administration Guide: Security Services.
The following profiles enable a role to allocate devices:
-
All Authorizations
-
Device Management
-
Media Backup
-
Media Restore
-
Object Label Management
-
Software Installation
The following profiles enable a role to revoke or reclaim devices:
-
All Authorizations
-
Device Management
The following profiles enable a role to create or configure devices:
-
All Authorizations
-
Device Security
-
Example 23–5 Assigning New Device Authorizations
-
Creates new device authorizations, as in How to Create New Device Authorizations
-
In the Device Manager, adds the new device authorizations to the tape and diskette drives
-
Places the new authorizations in the rights profile, NewCo Allocation
-
Adds the NewCo Allocation rights profile to the profiles of users and roles who are authorized to allocate tape and diskette drives
In this example, the security administrator configures the new device authorizations for the system and assigns the rights profile with the new authorizations to trustworthy users. The security administrator does the following:
Authorized users and roles can now use the tape drives and diskette drives on this system.
- © 2010, Oracle Corporation and/or its affiliates