Specifications
Using Identity Management
Ridgeline Concepts and Solutions Guide
266
A role can:
● Be independent of a parent or a child
● Have children (8 maximum)
● Have only one parent (maximum)
Defining a New Role
You can define network wide roles and specify the match criteria for placing a device under the role, as
well as, set role priority. You can create roles in a hierarchy to place a user under a role.
To create a role hierarchy, you define one or more roles as child roles of what becomes parent role.
Ridgeline supports a maximum of 5 children levels. A parent role can have up to 8 children but a child
cannot have more than one parent. Multiple inheritances are not allowed. In a hierarchy, only policies
are inherited, but not the match criteria from parent roles. Ridgeline allows a maximum of 64 roles and
each role name can have a maximum of 32 characters.
Priorities can have values from 1 to 255. One (1) is the highest priority The priority of the role
determines the role to which a user is mapped. The default priority is 255. The device is placed under
the role with lesser priority value in case of a conflict. If both roles have equal or the default priority, the
last role created gets the higher priority.
To add a new role, do the following:
1 On the menu bar, go to File>New>Role, or right click on the Roles list to open the menu. Existing
roles are shown on Tree View and Table View. See Figure 218. The Create new role dialog opens.
Figure 218: Choose a New Role From the Menu
2 Enter the role name, an optional description, and its priority. See Figure 219.
Use the following role naming conventions. A role name: