1. Oracle ZFS Storage Appliance Administration Guide, Release OS8.8.x
  2. Configuring the Appliance
  3. Configuring Users
  4. Adding a Role (BUI)

Adding a Role (BUI)

A role is a collection of authorizations that can be assigned to a user. Use this procedure to define a new role. Also see the alternative method at the end of this task, which is ideal for cloning a local role as a directory role.

  1. From the Configuration menu, select Users.
  2. Click the add icon image showing the add icon next to Roles.

    See also "Alternative Method" following this procedure.

  3. In the Add Role dialog box, set the role type, name of the role, and provide a description. Role types:

    • Local - Role applies to this appliance only.

    • Directory - Role applies to one of two directory group types and allows logging in as an administrator:

      • LDAP - Role applies to same-named, existing LDAP directory group. For Name, enter the exact same name for the LDAP directory group as configured on the LDAP server. Members of the same-named UNIX group are assigned this role and can log in as an administrator.

      • Active Directory - Role applies to same-named, existing Active Directory (AD) group. For Name, enter the exact same name in the format name@domain as configured for the AD group members on the AD server. Valid members of the same-named AD group are assigned this role and can log in as an administrator.

  4. In the Authorizations section, add authorizations for this role.

    See "Scopes, Filters, and Authorizations Available for Users and Roles" in User Authorizations.

    Iterate the following steps until you have added all of the authorizations that you want this role to have:

    1. Select a Scope.

      Any filters that are available for this scope appear below the Scope selector.

    2. Specify filters for the scope as necessary.
    3. Click the check box for each authorization to add.
    4. Click ADD in the Authorizations section.

      The authorizations are listed at the bottom of the Authorizations section.

  5. Click ADD at the top of the dialog box.

    The new role appears in the Roles list.

Alternative Method

To create a new role with the same authorizations as an existing role, hover over the entry for the existing role and click the clone icon Image showing the clone icon . Provide a role name, select Local or Directory, and click ADD at the top of the Clone Role dialog box. The new role type can be different from the existing type. For example, a local role can be cloned to a directory role.

Related Topics