Overview of Delegated Administration Role Hierarchy

Roles are dynamic classifications of users who meet specific requirements, such as membership in a group, matching user profile property values, and time of day. A role is used to determine whether to grant or deny access to resources, and to determine which capabilities on those resources are available to the user. The role hierarchy defines the structure for Delegated Administration.

The root Delegated Administration role is defined in the Portal Resource tree as Administrators. Any user mapped to this predefined role has unlimited administrative access in the administration portal. Only a user with global administrative rights can change the definition of this root Delegated Administration role.

You have flexibility in the way you set up your administration hierarchy and assign rights to your various administrators. You can create different levels of administrators, each with varying degrees of access. You can also create administrators that can, in turn, delegate administration tasks to other users.

WebLogic Portal includes a default system administrator. The system administrator has unlimited access to administrative tasks anywhere within the enterprise portal application. You can create as many different administrators as you need by creating administrator roles and then assigning specific users, user groups, or user characteristics.

For more information about using role hierarchies as a part of user management, see the User Management Guide on BEA's edocs page.

Related Help Topics:

• Overview of Delegated Administration
• Assign Delegated Administration to Groups
• Assign Delegated Administration to Portal Resources
• Assign Delegated Administration to Interaction Management Resources
• Assign Delegated Administration to Content Management Resources
• Overview of Portal Resources
• How Do I Entitle Users to See Specific Parts of My Portal?