User Guide

Configuring Role-Based Administration 61

ConsoleOne User Guide

104-001316-001

August 29, 2001

Novell Confidential

Manual 99a38 July 17, 2001

5 Configuring Role-Based

Administration

ConsoleOne

gives you the option to extend the schema of your Novell

eDirectory

tree to allow the creation of role-based services (RBS) objects.

This enables administration applications to expose their functions as RBS

module and task objects in your tree. You can then create RBS role objects that

define the particular tasks that different users can perform in those

administration applications.

NOTE: This approach to delegating administration works only if you have

administration applications that use RBS objects. You can also delegate

administration using eDirectory rights as explained in “Granting Equivalence” on

page 53.

In This Chapter

 “Setting Up Role-Based Services” on page 61

 “Defining RBS Roles” on page 62

 “Assigning RBS Role Membership and Scope” on page 63

 “Creating RBS Objects for Custom Applications” on page 64

Setting Up Role-Based Services

Before administration applications can add RBS objects to your eDirectory

tree, the schema of the tree must be extended to allow RBS object types.

Typically, administration applications perform this schema extension

automatically during installation. Regardless, you can complete the procedure

below to ensure that your tree has the needed schema extensions.