Roles

A role is a set of permissions that can be assigned to a user. Assigning a role confers specific access capabilities.

When you assign a role to a user, you must specify one or more access collections for that role. This limits the scope of the role to only those access collections that are appropriate for that user.

For example, Sarah is responsible for the NT servers and workstations of your company, and you assign her the supervisor role for an access collection that contains those systems. Jim is responsible for the Linux® systems, and you assign him the supervisor role for an access collection that contains those systems. Although Sarah and Jim are assigned the same role (because they perform the same operations), they have access to different resources.

Note: If you are using a synchronization server, you must create the role for each TADDM domain, and synchronize the domain servers with the synchronization server.

Predefined roles

TADDM provides the following predefined roles:

operator: This role has Read permission.
supervisor: This role has Read, Update, and Discover permissions.
administrator: This role has Read, Update, Discover, and Admin permissions.

Additional roles that you can create

You can create additional roles to assign other combinations of permissions. The following combinations might be especially useful:

Read + Update: Permission to read and update objects in assigned access collections.
Read + Update + Admin: Permission to read and update objects in assigned access collections and to create users, roles, and permissions.