System Administration Guide: Security Services

Managing RBAC Information (Task Map)

The following task map shows where to obtain information for performing specific RBAC tasks.

Task	Description	For Instructions
Use privileged applications	To run applications that can affect security or system operations requires becoming superuser or assuming a role.	How to Assume a Role in the Console Tools How to Assume a Role at the Command Line
Create roles	To add new roles, that is, special identities for running privileged applications.	How to Create a Role by Using the Administrative Roles Tool How to Create a Role From the Command Line
Change role properties	To change the properties of a role, that is, the assigned users, rights profiles, and authorizations that are assigned to a role.	How to Change a Role by Using the Administrative Roles Tool How to Change a Role From the Command Line
Create or change rights profiles	To add or change a rights profile, including the assignment of authorizations, commands with security attributes, and supplementary rights profiles.	How to Create or Change a Rights Profile by Using the Rights Tool How to Change Rights Profiles From the Command Line
Change a user's RBAC properties	To change the roles, rights profiles, or authorizations that are assigned to a user.	How to Modify a User's RBAC Properties by Using the User Accounts Tool How to Modify a User's RBAC Properties From the Command Line
Secure legacy applications	To turn on the set ID permissions for legacy applications. Scripts can contain commands with set IDs. Legacy applications can check for authorizations, if appropriate.	How to Add Security Attributes to a Legacy Application How to Add Security Attributes to Commands in a Script How to Check for Authorizations in a Script or Program

These procedures manage the elements that are used in role-based access control (RBAC). For user management procedures, refer to “Managing User Accounts and Groups (Tasks)” in System Administration Guide: Basic Administration.