Manualshelf

Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentRidgeline Guide
251252253254255256257258259260
Using Identity Management
Ridgeline Concepts and Solutions Guide
252
Figure 199: Hierarchical Role Management Example
To create a role hierarchy, you define one or more roles as child roles of which a parent role is derived.
Ridgeline supports a maximum of 5 levels. A parent role can have up to 8 children but a child cannot have
more than one parent. Multiple inheritances are not allowed. In a hierarchy, only policies are inherited, not
the match criteria from parent roles. Figure 200 is a diagram of the role hierarchy.
(Company == XYZCORP)
(Company == XYZCORP AND Department == Sales)
EX_idm_0002
(Company == XYZCORP AND Department == Sales AND Title contains Manager)
(Company == XYZCORP AND Department == Sales AND Title contains Engineer)
Managers
Engineers
Employees
Sales
Policy 1: Allow common file shares
Policy 2: Allow access to time-sheet application
Policy 3: Allow CRM applications
Policy 4: Deny Engineering resources
Policy 5: Allow access to Finance applications
Policy 6: Allow access to HR tools
Policy 7: Allow access to partner tools