31.3 Creating Roles for Systems Infrastructure Administration
The Systems Infrastructure plug-in does not define its own roles for access controls. To manage the plug-in, you must create roles and administrators, and then assign roles to administrators. The roles restrict a user's privileges.
For security reasons, Oracle recommends that the SYSMAN account be used only as a template to create other accounts, and not used directly.
To create roles to provide management rights to users:
Log in to the Enterprise Manager Cloud Control as the super administrator user.
Click Setup, then Security.
On the Security page, a list of predefined roles is provided. These roles can serve as basis to define custom roles to suite specific site level requirements.
The predefined roles provided cannot be edited or deleted.
Select a role that closely matches the role you wish to create. Click Create Like.
On the Properties page, enter a name for the new role. You can optionally add a description. Click Next.
On the Roles page, select the roles from the list of Available Roles. Click Move to add the role to Selected Roles. Click Next.
On the Target Privileges page, select the privilege you want to grant to the new role. Click Next.
On the Resource Privileges page, you can edit specific privileges to be explicitly granted. Click the Manage Privilege Grant edit icon to make the changes. Click Next.
On the Administrators page, select the administrators from the list of Available Administrators that you want to grant the new role to. Click Move to add the administrator to Selected Administrators. Click Next.
On the Review page, a complete summary of the new role you have created is displayed. Click Back to go to previous screens to make changes. Click Finish to complete the role creation.
When the newly created administrator logs in, unlike SYSMAN, the administrator is restricted by the privileges set.