HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)

5.1.2 Managing roles using the console

This section contains the following procedures for creating and modifying roles:

• “Creating a managed role” (page 168)

• “Creating a filtered role” (page 171)

• “Creating a nested role” (page 174)

• “Viewing and editing an entry's roles” (page 177)

• “Modifying a role entry” (page 179)

• “Making a role inactive or active” (page 181)

• “Deleting a role” (page 183)

When a role is created, determine whether a user can add themselves or remove themselves from

the role. See “Using roles securely” (page 187) for more information about roles and access control.

5.1.2.1 Creating a managed role

Managed roles have an explicit enumerated list of members. Managed roles are added to entries

by adding the nsRoleDN attribute to the entry.

To create and add members to a managed role:

1. In the Directory Server Console, select the Directory tab.

2. Browse the tree in the left navigation pane, and select the parent entry for the new role.

3. Go to the Object menu, and select New→Role.

168 Organizing Entries with roles, Class of service, and Views