Contents
1 Introduction
This document describes how to delete a custom role.
The administrator can delete custom roles when they are no longer needed by the organization authorization policy.
1.1 Prerequisites
This section describes the prerequisites, which must be fulfilled before using the procedure.
1.1.1 Conditions
The following conditions must apply:
- The user has the System Security Administrator role.
- The custom role to delete is known and reflects the wanted authorization policy change.
- An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.
2 Procedure
To delete a custom role:
- Navigate to the LocalAuthorizationMethod Managed Object (MO), for example:
>dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LocalAuthorizationMethod=1
- View the current settings:
(LocalAuthorizationMethod=1)>show –v
The following is an example output:
LocalAuthorizationMethod=1 administrativeState=UNLOCKED CustomRole=CscfApplicationAdministratorCustom Role=CscfApplicationAdministrator Role=CscfApplicationOperator Role=CscfApplicationSecurityAdministrator Role=SystemAdministrator Role=SystemSecurityAdministrator
- Enter Config mode:
(LocalAuthorizationMethod=1)>configure
- Delete the CustomRole MO, for example:
(config-LocalAuthorizationMethod=1)>no CustomRole=CscfApplicationAdministratorCustom
- Commit the deletion:
(config-LocalAuthorizationMethod=1)>commit
- Verify the deletion by checking the Role instances:
(LocalAuthorizationMethod=1)>show -v
The following is an example output:
LocalAuthorizationMethod=1 administrativeState=UNLOCKED Role=CscfApplicationAdministrator Role=CscfApplicationOperator Role=CscfApplicationSecurityAdministrator Role=SystemAdministrator Role=SystemSecurityAdministrator
- The users that possess the deleted role have their authorization policy reduced.
The CustomRule MOs that remain unreferenced can be deleted, refer to Delete Custom Rule.