To Assign Device Authorizations to an Account
-
Assume the Security Administrator role, launch the Solaris Management Console in the appropriate scope, and click Users. Provide a password when prompted.
-
Double-click the User Accounts tool, and click the Rights tab.
-
Assign to the user a rights profile that contains the Allocate Device authorization.
If the defaults have not been modified, assign the rights profile Convenient Authorizations or All Authorizations.
-
To assign a rights profile to a role account, double-click the Administrative Roles tool, and double-click the role to be modified.
-
If the role should be able to allocate devices, choose a profile from the following table.
Table 12-6 Default Profiles that Include Device Allocation AuthorizationAuthorization Name
Default Profiles
Allocate Device
All Authorizations
Convenient Authorizations
Device Management
Media Backup
Media Restore
Object Label Management
Software Installation
SSP Installation
-
If the role should be able to revoke or reclaim devices, choose one of the following profiles.
Table 12-7 Default Profiles for Administering DevicesName
Default Profile
Default Role
Revoke or Reclaim Devices
Device Management
secadmin
All Authorizations
Not assigned
-
If the role should be able to create or configure devices, choose one of the following profiles.
Table 12-8 Default Profiles for Creating DevicesName
Default Profile
Default Role
Configure Device Attributes
Device Security
secadmin
Host Alternate Pathing
secadmin
All Authorizations
Not assigned
If none of the default profiles are appropriate for the account being reconfigured, the Security Administrator role can create a new profile that includes the device allocation authorization(s), either by themselves or along with any other commands needed by the profile's users to perform the desired work (such as the allocate, deallocate, and tar commands). Creating a new profile is described in "Adding or Modifying a Rights Profile".
-
- © 2010, Oracle Corporation and/or its affiliates