The
CMP system uses roles to configure what a user can do within the
CMP system. Assigning roles to the various users that access the
CMP system lets you control who can configure and access features within the
CMP system. The default roles are:
- Administrator
- Permits full read/write access to all functions. You cannot delete the Administrator role.
- Operator
- Permits full read/write access to all Policy Management server management and configuration functions. Access is also permitted to all system administration functions except User Management.
- Viewer
- Permits read-only access to functions associated with Policy Management server management and configuration. Full access is also permitted to some of the system administration functions, such as Change Password.
Note: When you create a new role, ensure that it has appropriate access to all functions you intend the role to use. For example, if you create a role for third-party access to OSSI functions, but it does not have the system administration privilege Import/Export set to Show, a user given that role cannot perform OSSI queries.
The
CMP system lets you perform the following role management actions: