Organizations

The creation of the following roles and the related ACIs, every time an organization is created, can be eliminated:

• Organization Admin Role

• Organization Help Desk Admin Role

• Policy Admin Role

Eliminate the roles and the related ACIs by making a change to the DAI service in the /etc/opt/SUNWam/config/ums/ums.xml file.

You can selectively remove only one of these roles, instead of all of them:

<AttributeValuePair>
      <Attribute name="childNode" />
      <Value>PeopleContainer</Value>
      <Value>GroupContainer</Value>
      <Value>DefaultOrgRole</Value>
      <Value>DPOrgAdminRole</Value>
      <Value>DPOrgHelpDeskAdminRole</Value>
      <Value>DPOrgPolicyAdminRole</Value>
 </AttributeValuePair>

The above are lines 143-151 in the ums.xml file.

It is not possible to eliminate the creation of this role: People Admin Role.

Every time an organization is created, a default People container is created and along with the People container, this role is also created. If you do not need this role, you may delete this role from the Access Manager Console. That will clean up all the ACIs related to this role as well.