Available Roles Right-Click Menu
Right-click on a configured Role to display the right-click menu.
New
Selecting New enables you to create a new Role. See “New Role”.
Edit
Click the Edit Role button to make changes to the current Role. The Role Editor window is displayed.
- Modify role name – select the tick box and make the required changes to the Role Name, saving the changes when you close the Role Editor window.
See Table 149, “Terminology: New Role General Properties” for a description of all the Role properties.
Copy
Selecting this options creates a copy of the currently selected Role and prefixes the name of the new Role with Copy of.
Copy and Open for Edit
Selecting this options creates a copy of the currently selected Role and prefixes the name of the new Role with Copy of. The new Role is opened in the Role Editor. See “Edit”.
Delete
Caution: Before deleting a Role, ensure there is no object (User, Group, Role or Data Definition) that can only be managed by this Role, as once deleted, these objects will no longer be able to be modified and may even be completely inaccessible (and in the case of a Data Definition, this would also apply to all the data that has been archived against it).
Select Delete to delete the current Role. The Role name is removed, however, the members of the Role remain in the list of Available Groups and/or Available Users.
Edit Membership of this Role
Selecting Edit membership of this Role enables you to add Users and Groups to this Role or remove Users and Groups from this Role. See “Members”.
Create New User with this Role
Selecting this option opens the User Editor with a new User who has this Role set as the Parent. See “New User”.
Create New Group with this Role
Selecting this option opens the Group Editor with a new Group which has this Role set as the Parent. See “New Group”.
View Permissions
The Role Permissions can be viewed and edited. See Table 150, “Terminology: Role Permissions” for a description of each Category.
Control Access to this Role
You can control who has access to the current Role by configuring an Access Control List. Select Control Access to this Role. The Access Control Security Configuration window is displayed.
Users, Groups and Roles which have been given access to the Role are listed on the left. To see what access the Users, Groups and Roles has been given, select it and view the settings for the Operations listed on the right.
The options used to configure Access Control Lists for Role are described in Table 158.
Table 158. Terminology: Role Access Control List (ACLs)
Operation |
Meaning |
---|---|
Item |
The selected Role to which access control is being configured (Searching Client Users in the above example). |
Users/Groups/Roles |
The name of the Users, Groups and/or Roles (User: DSX System Administrator in the above example) who are being given access to the Role (Searching Client Users in the above example). |
Read |
Allows the selected User, Group or Role to view the Properties of all the members of the Role (Searching Client Users in the above example). Cannot be set to Deny if Update is set to Allow. |
Update |
Allows the selected User, Group or Role to update the Properties (except the Passwords) of all the members of the Role (Searching Client Users in the above example). Cannot be set to Allow unless Read is set to Allow. Cannot be set to Deny if Delete, Change password, or Set access control is set to Allow. |
Delete |
Allows the selected User, Group or Role to delete the Role (Searching Client Users in the above example). Cannot be set to Allow unless Update is set to Allow. |
Change password |
Allows the selected User, Group or Role to change the password of all the members of the Role (Searching Client Users in the above example). Cannot be set to Allow unless Update is set to Allow. |
Set access control |
Allows the selected User, Group or Role to set the access controls (configure ACLs) for all the members of the Role (Searching Client Users in the above example). Cannot be set to Allow unless Update is set to Allow. |
Add and Remove Members Button
To allow Users, Groups or Roles access to the selected Role, click Add and Remove Members.
To add access to Users, select the Users tab, select one or more users and click Add Member >>.
To add access to Groups, select the Groups tab, select one or more groups and click Add Member >>.
To add access to Roles, select the Roles tab, select one or more roles and click Add Member >>. To remove a User, Group or Role from the list, select the item in the right-hand pane and click << Remove Member.
Once you have selected all the Users, Groups and/or Roles to which you want to give access to the current Role, click Confirm. If you want to exit without adding any Users, Groups or Roles to the list click Cancel.
You are returned to the Access Control Security Configuration window. See “Control Access to this Role” for details on how to configure Access Control to the current Role for each User, Group and/or Role.
Save and Close Button
To save all the changes made, click Save and Close. The changes are saved and the Access Control Security Configuration window is closed.
Cancel Button
To exit without saving any of the changes made, click Cancel. The changes are discarded and the Access Control Security Configuration window is closed.
Properties
General Properties
The Role’s General Properties are displayed on the General Properties tab.
The Role’s General Properties are described in Table 159.
Table 159. Terminology: Role Properties: General
Term |
Meaning |
---|---|
Name |
Displays the name of the Role. |
Display name |
If configured, shows an alternative name for the Role. |
Description |
If configured, shows a description for the Role. |
Role created |
Displays the date and time the Role was created. |
Role modified |
Displays the date and time the Role was last modified. |
Permissions modified |
Displays the date and time the Role’s Permissions settings or the Access Control settings for this Role were last modified. |
Members
The Members (Users and/or Groups) of the current Role are listed on the Members tab.
The Role Properties for the Members tab are described in Table 160.
Table 160. Terminology: Role Properties: Members
Term |
Meaning |
---|---|
Display Name |
The display name configured for the User or Group. |
Name |
The User name or Group name of the Member of this Role. |
Description |
The description configured for the User or Group. |
Source |
Active Directory – the User or Group was added from an external source. Manual – the User or Group was created within Management Studio. |
Permissions
The Permissions tab displays the Permissions settings.
See “Permissions” for a description of each Category.