Defining permissions

All property classes in the Property Dictionary include permissions in the form of an access control list (ACL). The ACL specifies the roles that have access to the property class and the types of actions those roles are authorized to perform.

Use these procedures to add a set of authorizations for a role, add a predefined set of permissions to one or more roles, apply ACL policies, or to delete an entry.

To access the Permissions tab

  1. In the Property Dictionary, right-click a property class and select Properties from the pop-up menu.
  2. On the resulting dialog box, click the Permissions tab.

To add a set of authorizations for a role

  1. From the Permissions tab, click Add Entry g_V95_AddIcon.gif. The Add New Entry window opens.
  2. From Role, select a role to which you want to grant permissions.
  3. Under Available Authorizations, take any of the following actions:
    • To assign individual system authorizations, click the System tab at the bottom of the Available Authorizations list. Then, select the system authorizations you want to make available to the role you chose in the previous step.
    • To assign individual command authorizations, click the Commands tab at the bottom of the Available Authorizations list. Then, select the command authorizations you want to make available to the role you chose in the previous step. The Commands tab is only available when you are assigning permissions to a server.

    • To assign authorization profiles, click the Profiles tab at the bottom of the Available Authorizations list. Then, select the authorization profiles you want to make available to the role you chose in the previous step.

      Tip

      To select multiple authorizations, use Shift-click or Control-click. Click the right arrow to move your selections to the Selected Authorizations list.

  4. Click OK.

To add a predefined set of permissions to one or more roles

  1. From the Permissions tab, click Use ACL Template g_V95_TemplateIcon.gif. The Select ACL Template dialog box opens.
  2. Select one or more ACL templates in the dialog box.

  3. To set the contents of the selected ACL templates to replace all entries in the access control list, check Replace ACL with selected templates.

    Note

    If you do not check this option, the contents of the selected ACL templates are appended to any existing entries in the access control list. Replacing the current set of permissions with the contents of an ACL template is particularly useful when promoting a system object between roles.

  4. Click OK.

To apply ACL policies

  1. From the Permissions tab, click Use ACL Policy g_V95_ACLPolicyIcon.gif. The Select ACL Policy dialog box opens.
  2. Select one or more ACL policies in the dialog box.

  3. To set the contents of the selected ACL policies to replace all entries in the access control list, check Replace ACL with selected policies.

    Note

    If you do not check this option, the contents of the selected ACL policies are appended to any existing entries in the access control list. Replacing the current set of permissions with the contents of an ACL template is particularly useful when promoting a system object between roles.

  4. Click OK.

To delete an entry

  1. From the Permissions tab, select the entry.
  2. Click Delete Entry g_V95_DeleteIcon.gif.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*