For LDAP over SSL users accessing the switch, you can set the specific roles and privileges that the user has on the switch.
Administrator or Operator (simple authentication) to set either role and the predefined privileges for it.
None (remote server authentication) to have the LDAP user's role assigned by the LDAP server.
Advanced Roles to have a customizable set of privileges assigned to the LDAP user.
For more information, see User Roles and Permissions.