Create a Custom Role

Create a role to be assigned to a user. Duplicate an existing system role with the permissions that match the role you want to create, and then edit and register the duplicated role as the new role.

The SLNX User Role is assigned to users/admins who will login to the SLNX management console as an administrator. To add users to the role, refer to Local Admin User Accounts.

Only a user who is assigned the system role of Full Admin or Security Admin can duplicate a role. Create a custom role that is assigned the permissions of SecurityRead and SecurityWrite to allow the user who is assigned the custom role to duplicate a role.

  1. Click [System]→ [Security] → [User Roles].

  1. Select the system role to be used as the model of a new role, and then click (Copy).

    This will duplicate the selected role. The name of the role will have an underscore "_" in the beginning and end of the name.

  2. Select the duplicate role and on the [Role] tab:

  • Modify the custom role name.
  • Change the [Login expiry time] as necessary. This will be the duration of time before a timeout of the login session is detected.
  • Enter the LDAP group name in [LDAP group name]. The role is assigned to all members that belong to the LDAP group name entered here. The system does not check whether the LDAP group name is correct, so ensure you confirm the name before you continue.

    If you want to assign the role to an OpenIDConnect (OIDC) group, make sure you create an OIDC authentication profile then specify the group's Object ID here.

  1. On the [Restrictions] tab, specify [Security Context (Read)] or [Security Context (Write)].

[Security Context (Read)] specifies the device groups that allow viewing of roles. or [Security Context (Write)] specifies the device groups that allow updating of roles from among the groups that allow viewing of roles. For details, see Configure Group Restrictions.

  1. On the [Privileges tab]. select the permission to be granted to the role.

See Role Privileges for role information.

  1. On the [User] tab, select a local user account to be assigned to the role.

You can assign a role to externally identified users (LDAP/Kerberos/OIDC) by configuring the LDAP group name on the [Role] tab.