HP-UX Directory Server 8.1 Administrator (766147-001, March 2014)

Managing roles using the console

This section contains the following procedures for creating and modifying roles:

• “Creating a managed role” (page 169)

• “Creating a filtered role” (page 172)

• “Creating a nested role” (page 175)

• “Viewing and editing an entry's roles” (page 178)

• “Modifying a role entry” (page 180)

• “Making a role inactive or active” (page 182)

• “Deleting a role” (page 184)

When a role is created, determine whether a user can add themselves or remove themselves from

the role. See “Using roles securely” (page 188) for more information about roles and access control.

Creating a managed role

Managed roles have an explicit enumerated list of members. Managed roles are added to entries

by adding the nsRoleDN attribute to the entry.

To create and add members to a managed role:

1. In the Directory Server Console, select the Directory tab.

2. Browse the tree in the left navigation pane, and select the parent entry for the new role.

3. Go to the Object menu, and select New→Role.

Using roles 169