Create Custom Role

Contents

1Introduction
1.1Prerequisites

2
Procedure

1   Introduction

This document describes how to create a custom role.

The administrator can create custom roles when the predefined roles do not match the needs of the organization authorization policy.

1.1   Prerequisites

This section describes the prerequisites, which must be fulfilled before using the procedure.

1.1.1   Conditions

The following conditions must apply:

Note:  
It is not allowed to define a new CustomRole MO with an existing roleName.

2   Procedure

To create a custom role:

  1. Navigate to the LocalAuthorizationMethod MO, for example:

    >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LocalAuthorizationMethod=1

  2. Enter Config mode:

    (LocalAuthorizationMethod=1)>configure

  3. Create a CustomRole MO, for example:

    (config-LocalAuthorizationMethod=1)>CustomRole=CustomSystemOperator

  4. Set the role name, for example:

    (config-CustomRole=CustomSystemOperator)>roleName="CustomSystemOperator"

  5. Associate some existing custom rules to the custom role, for example:

    (config-CustomRole=CustomSystemOperator)>rules="ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LocalAuthorizationMethod=1,CustomRule=Custom_FaultManagement_1"

  6. Describe the role, for example:

    (config-CustomRole=CustomSystemOperator)>userLabel="Custom System Operator Role"

  7. Commit the settings:

    (config-CustomRole=CustomSystemOperator)>commit

  8. Verify the result:

    (CustomRole=CustomSystemOperator)>show

    The following is an example output:

    CustomRole=CustomSystemOperator
   roleName="CustomSystemOperator"
   rules=
      "ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,⇒
UserManagement=1,LocalAuthorizationMethod=1,CustomRule=⇒
Custom_FaultManagement_1"
   userLabel="Custom System Operator Role"
  9. The custom role can now be assigned to user accounts.
Legal | © Ericsson AB 2014, 2015