Creating the Primary Administrator Role
An administrative role is a special user account. Users who assume a role are permitted to perform a pre-defined set of administrative tasks.
The Primary Administrator role is permitted to perform all administrative functions, similar to superuser.
If you are superuser, or a user assuming the Primary Administrator role, you can define which tasks other administrators are permitted to perform. With the help of the Add Administrative Role wizard, you can create a role, grant rights to the role, and then specify which users are permitted to assume that role. A right is a named collection of commands, or authorizations, for using specific applications or for performing specific functions within an application, and other rights, whose use can be granted or denied by an administrator.
You are prompted for the following information when you create the Primary Administrator role:
Table 2–2 Item Descriptions for Adding a Role by Using the Console|
Item |
Description |
|---|---|
|
Role Name |
Selects the name an administrator uses to log in to a specific role. |
|
Full Name |
Provides a full, descriptive name of this role. (Optional) |
|
Description |
Further description of this role. |
|
Role ID Number |
Selects the identification number assigned to this role. This number is the same as the set of identifiers for UIDs. |
|
Role Shell |
Selects the shell that runs when a user logs into a terminal or console window and assumes a role in that window. |
|
Create a role mailing list |
Creates a mailing list with the same name as the role, if checked. You can use this list to send email to everyone assigned to the role. |
|
Role Password and Confirm Password |
Sets and confirms the role password and password. |
|
Available Rights and Granted Rights |
Assigns rights to this role by choosing from the list of Available Rights and adding them to the list of Granted Rights. |
|
Select a home directory |
Selects the home directory server where this role's private files will be stored. |
|
Assign users to this role |
Adds specific users to the role so they can assume the role to perform specific tasks. |
For detailed information about Role-Based Access Control, and how to use roles to create a more secure environment, see “Role-Based Access Control (Overview)” in System Administration Guide: Security Services.
- © 2010, Oracle Corporation and/or its affiliates