Roles
User roles control how authenticated user accounts are authorized for command execution. The set of actions a user can perform depends on their role.
You can create more custom roles based on one of the four preset roles.
- Monitor
- Users mapped to this role can view all physical and library data, but cannot view user accounts or security settings. This role is useful for library operators.
- Superuser
- Users mapped to this role can view all pages and perform library tasks, but cannot manage users, modify security settings, or access service-related functions.
- Administrator
- For the TS4500, users mapped to this role can perform all library tasks, including managing access and security, but cannot access service-related functions.
- Local Service (Diamondback)
- Users mapped to this role can view all pages that are available to a Monitor. In addition, they can perform service-related functions such as updating firmware, downloading logs, calibrating library components, and performing diagnostic tests.
- Service (TS4500)
- Users mapped to this role can view all pages that are available to a Monitor, in addition to performing service-related functions such as updating firmware, downloading logs, calibrating library components, and performing diagnostic tests. This role is useful for IBM® service representatives.
- Custom
- For the TS4500, users mapped to a role with a customized name can view all of the pages that are available to the selected preset permission level of the custom role.
For the TS4500, roles are used for remote mapping by creating a custom role that matches the user group that is defined in the remote authentication (LDAP) server. When you create such a role, if the remote user group is meant to be directly mapped to a default role, the parent role should be identified with no other change.