At this point, the Identity Manager is not yet protected by the policy agent. The role that will be created here will not have any special privileges assigned to it. It will only be used to group the administrative users, and this role will be used later in a policy in OpenSSO Enterprise.
Log in to the Identity Manager administrator interface as using the following credentials:
Navigate to tab Resources | List Resources.
Expand the branch for the Sun Access Manager Realm entry.
Mark the checkbox in front of the SunAccessManagerRealm entry.
Choose the option Resource Actions | Create Resource Object.
In the New Resource Object page, select Role from the dropdown box, and click New.
In the next page, enter the name of the role as idm_admins, and assign the user idmadmin to this role.
In the Create Role Results screen, click OK.
When you expand the SunAccessManagerRealm branch, the Resource List page is displayed and contains a list with the new role idm_admins.
Log out of the Identity Manager administrator interface.