Bookshelf Home | Contents | Index | PDF |
Siebel Security Guide > Security Adapter Authentication > Security Adapter Deployment Options > Configuring Roles Defined in the DirectoryResponsibilities assigned to each user in Siebel Business Applications provide users with access to particular views in the application. Responsibilities are created in the Siebel application and are stored in the Siebel database. One or more responsibilities are typically associated with each user in the Administration - Application screen. Creating roles in the LDAP directory or Active Directory is another means of associating Siebel responsibilities with users. Roles are useful for managing large collections of responsibilities. A user has access to all the views associated with all the responsibilities that are directly or indirectly associated with the user. You can choose to store users' Siebel responsibilities as roles in a directory attribute instead of in the Siebel database in the following authentication strategies:
NOTE: You can store Siebel user responsibilities as roles in a directory attribute but you cannot store Siebel user positions as roles in a directory attribute. It is recommended that you assign responsibilities in the database or in the directory, but not in both places. If you define a directory attribute for roles, but you do not use it to associate responsibilities with users, then leave the attribute empty. If you use roles to administer user responsibilities, then create responsibilities in the Siebel application, but do not assign responsibilities to users through the Siebel application interface. To configure roles defined in the directory
|
Siebel Security Guide | Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices. | |