Setting Up Roles and Tasks

Novell® iManager gives administrators the ability to assign specific responsibilities to users and to present them with only the tools (and their accompanying rights) necessary to performs those sets of responsibilities. This functionality is called Role-Based Services (RBS).

Role-Based Services allows administrators to assign users a defined set of specific functions, called tasks, and objects as determined by the grouping of tasks, called roles. What users see when they access Novell iManager is based on their role assignments in Novell eDirectoryTM. Only the tasks assigned to the authenticated user are displayed. The user does not need to browse the tree to find an object to administer; the plug-in for that task presents the necessary tools and interface to perform the task.

You can assign multiple roles to a single user. You can also assign the same role to multiple users.

A default set of roles and tasks is included with iManager 1.5. You can use the default set or customize them to your liking.

Role Based Services is represented by objects defined in eDirectory. The base eDirectory schema gets extended while running the iManager Configuration Wizard. The new object types are listed in the following table.


Table . Role-Based Services Objects in eDirectory

Object Description

rbsCollection icon rbsCollection

A container object that holds all RBS role and module objects.

rbsRole icon rbsRole

Specifies the tasks that users (members) are authorized to perform. Defining a role includes creating an rbsRole object and specifying the tasks that the role can perform.

rbsRoles can be created only in an rbsCollection container.

rbsTask icon rbsTask

Represents a specific function, such as resetting login passwords.

rbsTask objects are located only in rbsModule containers.

Scope object rbsScope

Represents the context in the tree where a role will be performed and is associated with rbsRole objects.

This object is dynamically created when needed, then automatically deleted when no longer needed.

WARNING:  Never change the configuration of an rbsScope object. Doing so will have serious consequences and could possibly break the system.

rbsModule icon rbsModule

Holds rbsTask objects. Each module corresponds to a product.

The Role-Based Services objects use the structure within the eDirectory tree as shown in the following figure.

Figure 2
Role-Based Services Objects Grouped in the eDirectory Tree



  Previous Page: Advice about Using iManager  Next Page: Installing Roles and Tasks for the First Time