User Guide
64 ConsoleOne User Guide
ConsoleOne User Guide
104-001316-001
August 29, 2001
Novell Confidential
Manual 99a38 July 17, 2001
If you want a single role membership to have multiple, non-overlapping
scopes (such as two different branches of the eDirectory tree), you must
list that role membership multiple times, each with a different scope.
3 Click OK.
Creating RBS Objects for Custom Applications
Typically, administration applications that use RBS objects add the needed
objects to your eDirectory tree automatically during installation. However, if
your organization has developed a custom administration application that uses
RBS objects, you can create the needed RBS objects manually. The following
are the types of RBS objects you can create:
Object Type Container
or Leaf
Purpose Example
Module Container Represents a module of the
administration application, so that the
application’s tasks can be logically
contained and uniquely identified.
An application might have User
and Server modules that each
contain a Create task.
Task Leaf Represents a specific application
function.
Reset Login Password.
Scope Leaf Represents the scope in which a role
member can exercise the functions of the
role, if the application defines scope in
non-eDirectory terms.
NOTE: Before you can create a scope
object, its class must exist in the schema
of your eDirectory tree. A scope class is a
subclass of RBS:External Scope.
An application that defines scope
in Domain Name Service (DNS)
terms might let you create scope
objects such as:
com_xyz
com_xyz_usa
com_xyz_usa_ny
Role Leaf Represents an administrative role. It lists
the particular application tasks that role
members can perform. See “Defining
RBS Roles” on page 62 to create this
object type.
For a User Administration
application, you might create roles
such as:
Rights Manager
Password Administrator
Employment Data Entry