Novell iManager gives administrators the ability to assign specific responsibilities to users and to present the user with only the tools (and their accompanying rights) necessary to perform those sets of responsibilities. This functionality is called Role-Based Services (RBS).
Role-Based Services allows administrators to focus the user on a specified set of functions, called tasks, and objects as determined by the grouping of tasks called roles. What users see when they access iManager is based on their role assignments in eDirectory. Only the tasks assigned to that user are displayed. The user does not need to browse the tree to find an object to administer; the iManager plug-in for that task presents the necessary tools and interface to perform the task.
You can assign multiple roles to a single user. You can also assign the same role to multiple users.
Role-Based Services is represented by objects defined in eDirectory. The base eDirectory schema gets extended during the iManager installation. The RBS object types are listed in the following table.
The RBS objects reside in the eDirectory tree as depicted in the following figure.
Figure 22RBS roles specify the tasks that users are authorized to perform. Defining an RBS role includes creating an rbsRole object and specifying the tasks that the role can perform and the User, Group, or container objects that can perform those tasks. In some cases, Novell iManager plug-ins (product packages) provide predefined RBS roles that you can modify.
The tasks that RBS roles can perform are exposed as rbsTask objects in your eDirectory tree. These objects are added automatically during the installation of product packages. They are organized into one or more rbsModules, which are containers that correspond to the different functional modules of the product.
For information on assigning members to a role, see Assigning RBS Role Membership and Scope.
Use the Create iManager Role Wizard to create a new rbsRole object. We recommend creating the new rbsRole object in the same rbsCollection container where the other rbsRole objects reside (for example, the Role-Based Services Collection container).
In Novell iManager, click the Configure button .
Click Role Configuration > Create iManager Role.
Follow the instructions in the Create iManager Role Wizard.
See Defining Custom RBS Tasks for information on adding members to roles.
Each RBS role has a set of available tasks associated with it. You can choose which tasks are assigned to a particular role, adding or removing tasks as necessary.
After you have defined the RBS roles needed in your organization, you can assign members to each role. In doing so, you specify the scope in which each member can exercise the functions of the role. The scope is the location or context in the eDirectory tree where this role can be performed.
A user can be assigned to a role in the following ways:
A user can be associated with a role multiple times, each with a different scope. You can also assign the same task to multiple members.
To assign role membership and scope:
In Novell iManager, click the Configure button .
Click Role Configuration > Modify iManager Roles.
To add or remove members from a role, click the Modify Members button to the left of the role you want to modify.
In the Name field, specify an object name (a User, Group, or Container object) and context.
In the Scope field, specify an Organization or Organizational Unit object name and context.
Click Add, then click OK.
Use the Create Server Administration Task Wizard to build custom tasks to access a server's services. The system administrator should verify that the service is available on the server.