Sun Identity Manager 8.1 Business Administrator's Guide

Role Types in Summary

The following figure shows which role-types, resources, and resource-groups can be assigned to each of the four role-types. The figure also shows that role-type exclusions can be assigned to all four role-types. (For a description of Role exclusions, see To Assign Resources and Resource Groups.)

Figure 5–1 The Business Role, IT Role, Application, and Asset Role-Types

Figure illustrating Business Role, IT Role, Application,
and Asset Role-Types

Optional, conditional, and required contained-roles (What are Roles?) provide added flexibility. Flexible role definitions can reduce the total number of roles your organization needs to manage.

Figure 5–2 shows that Business Roles and IT Roles are directly assignable to users if a pre-8.0 version of Identity Manager is upgraded to at least version 8.0. On upgrade, legacy roles are converted to IT Roles, and, to ensure backwards compatibility, IT Roles are directly assigned to users. If Identity Manager was not upgraded from a pre-8.0 version, then only Business Roles are directly assignable to users.

Figure 5–2 Roles and resources that can be directly assigned to users.

Figure illustrating how Business and IT roles are assigned
to users