Manage Access Privileges

Roles are used to specify access privileges required to access the functions in the Management Console.

To ensure good security of a large-scale system while maintaining security, assign each user an appropriate role and limit the operations the user can perform according to his or her job duties. By assigning the appropriate role for each user, you can prevent configuration changes or operation errors that were unintended by the system administrator and improve your operational security.

When using LDAP authentication, assign the role to an LDAP group name to apply the role to all users belonging to the group. Use the related LDAP profile to determine the role when using Kerberos authentication.
A user can be a member of more than one group, and each user is granted security rights based on all matching profiles.

Topics

Overview of System Roles
Typical Use-case for User Roles Assignment
Create a Custom Role
Role Privileges
Configure Group Restrictions
Configure Account Qualification