The Remote Registration Utility (RREG) is also governed by the roles assigned to the user invoking them. When using RREG to remotely register agents, the administrator provides credentials that allows the RREG client to successfully connect and authenticate to the RREG Access Manager Server, this in turn, propagates the client's identity to the Access Manager components that will enforce the appropriate administration roles.
The following might occur when running the RREG based on the administrator's role:
In a creation operation:
A new agent entry can be provisioned.
A HostID for that Agent can be created.
An Application for that agent might be created.
Resources might be added to the new Application using the newly created HostID.
In an update operation:
Agent settings can be changed.
A HostID for that agent can be changed.
An Application for that agent can be created if it does not exist.
Resources can be added to the Application.
The RREG administrator must be assigned roles to ensure successful completion of the administrative operations.
The System Administrator role to create/update an Agent.
The OAM Shared Component Administrator / System Administrator role to create/update an HostID entry.
The OAM Domain Administrator role / System Administrator to create/update an Application and create/configure Resources.
After executing the RREG command, the administrator will be set as the delegated administrator for the created Application, Agent and HostID.