Contents

1   Description

This instruction describes how to delete a custom role.

The administrator can delete custom roles when they are no longer needed by the organization authorization policy.

2   Procedure

2.1   Delete Custom Role

Prerequisites

• The instruction references the following document:
  • Delete Custom Rule
• No tools are required.
• The following conditions must apply:
  • The user has the System Security Administrator role.
  • The custom role to delete is known and reflects the wanted authorization policy change.
  • An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.

Steps

1. Navigate to the LocalAuthorizationMethod Managed Object (MO), for example:

   >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LocalAuthorizationMethod=1

2. View the current settings:

   (LocalAuthorizationMethod=1)>show –v

   The following is an example output:

   LocalAuthorizationMethod=1 administrativeState=UNLOCKED CustomRole=CscfApplicationAdministratorCustom Role=CscfApplicationAdministrator Role=CscfApplicationOperator Role=CscfApplicationSecurityAdministrator Role=SystemAdministrator Role=SystemSecurityAdministrator

3. Enter Config mode:

   (LocalAuthorizationMethod=1)>configure

4. Delete the CustomRole MO, for example:

   (config-LocalAuthorizationMethod=1)>no CustomRole=CscfApplicationAdministratorCustom

5. Commit the deletion:

   (config-LocalAuthorizationMethod=1)>commit

6. Verify the deletion by checking the Role instances:

   (LocalAuthorizationMethod=1)>show -v

   The following is an example output:

   LocalAuthorizationMethod=1 administrativeState=UNLOCKED Role=CscfApplicationAdministrator Role=CscfApplicationOperator Role=CscfApplicationSecurityAdministrator Role=SystemAdministrator Role=SystemSecurityAdministrator

7. The users that possess the deleted role have their authorization policy reduced.

The CustomRule MOs that remain unreferenced can be deleted, refer to Delete Custom Rule.