To change user properties that are assigned to a user who is defined in the local scope or in an LDAP repository, use the usermod command. For more information, see the usermod(1M) man page.
Alternatively, to change the authorizations, roles, or rights profiles that are assigned to a user who is defined in the local scope, edit the user_attr file.
Use this method for emergencies only.
To manage roles locally or in a name service such as an LDAP repository, use the roleadd or rolemod commands. For more information, see the roleadd(1M) or rolemod(1M) man pages.
These commands require authentication as the root role that is capable of changing user files. You can apply these commands to all name services. See Commands That Are Used for Managing Users, Roles, and Groups in Managing User Accounts and User Environments in Oracle Solaris 11.2 .
The Forced Privilege and Stop Rights profiles that ship with Oracle Solaris 11 cannot be modified.