Managing Roles

Table 1–1 lists the system default roles that are automatically provided by the N1 System Manager. These system default roles cannot be modified. However, you can create customized roles for your users to fit your organizational and business needs.

The following table provides a quick reference to all the tasks and associated commands used to manage roles.

For more information about these commands, see the Sun N1 System Manager 1.1 Command Line Reference Manual.

To Create a Role

Steps

1. Log in to the N1 System Manager.

   See To Access the N1 System Manager Command Line for details.

2. Create a new role with one or more privileges.

   N1-ok> create role role [description description] privilege privilege[,privilege...]

   Use the show privileges all command to list all of the valid privileges or see Table 1–2.

   See create role in Sun N1 System Manager 1.1 Command Line Reference Manual for details. You can also use the add role command to later add privileges to the role.

To Delete a Role

Before You Begin

A role cannot be deleted if it is currently added to one or more users. If you try to delete a role that is being used, an error occurs. To successfully delete a role, an authorized user must first remove the role from all users and then attempt the role deletion.

Use the show role all command to list all of the valid roles.

Steps

1. Log in to the N1 System Manager.

   See To Access the N1 System Manager Command Line for details.

2. Delete a role.

   N1-ok> delete role role

   See delete role in Sun N1 System Manager 1.1 Command Line Reference Manual for details.

To Add a Privilege to a Role

Before You Begin

Use the show privilege all command to list all of the valid privileges or see Table 1–2.

Steps

1. Log in to the N1 System Manager.

   See To Access the N1 System Manager Command Line for details.

2. Add one or more privileges to a role.

   N1-ok> add role role privilege privilege[,privilege...]

   See add role in Sun N1 System Manager 1.1 Command Line Reference Manual for details.

   ---

   Tip –

   If you want to add most of the privileges to a role, you can use the all option to add all the privileges and then use the remove role command to remove the unneeded privileges.

   ---

To Remove a Privilege From a Role

Before You Begin

Use the show role role command to list all of the privileges currently added to a role.

Steps

1. Log in to the N1 System Manager.

   See To Access the N1 System Manager Command Line for details.

2. Remove one or more privileges from a role.

   N1-ok> remove role role privilege privilege [,privilege...]

   See remove role in Sun N1 System Manager 1.1 Command Line Reference Manual for details.

To List the Available Roles

Steps

1. Log in to the N1 System Manager.

   See To Access the N1 System Manager Command Line for details.

2. List the available roles.

   N1-ok> show role all

To List Privileges Added to a Role

Before You Begin

Use the show role all command to list all of the valid roles.

Steps

1. Log in to the N1 System Manager.

   See To Access the N1 System Manager Command Line for details.

2. List the privileges that are added to a role.

   N1-ok> show role role

   See show role in Sun N1 System Manager 1.1 Command Line Reference Manual for details.

Example 1–5 Listing Privileges Added to a Role

The following example shows that the SecurityAdmin role has five privileges added to it.

N1-ok> show role SecurityAdmin

Name:       SecurityAdmin
Privileges: UserWrite, RoleWrite, RoleRead, PrivilegeRead, UserRead

To List the Roles Added to All Users

Steps

1. Log in to the N1 System Manager.

   See To Access the N1 System Manager Command Line for details.

2. List the roles that are added to all users.

   N1-ok> show user all

To List the Available Privileges

Steps

1. Log in to the N1 System Manager.

   See To Access the N1 System Manager Command Line for details.

2. List the available privileges.

   N1-ok> show privilege all