Use this task to create a PowerHA® SystemMirror security role
for the cluster.
PowerHA SystemMirror security
roles are based on AIX® role
based access control (RBAC) roles. This task is available only if
you configured a Lightweight Directory Access Protocol (LDAP) registry.
Fields
Provide the following information
for the new role:
- Name
- Specify a unique name for the role to be created.
The name must consist of 1 - 63 characters. You cannot use any of
the following characters in the name: colon (:), single quotation
mark (’), double quotation mark ("), number sign (#), comma (,), equal
sign (=), forward slash (/), backslash (\), or a space ( ).
- Role ID
Specify a unique numeric identifier for the role. The
role ID must be a positive integer. If you do not specify an ID, one
is assigned for you. 
- Description
Specify a short description of the role. If a message
catalog message is not available, the value that you specify is the
default description message that is displayed for the role. 
- Message catalog
Specify the file name of an existing message catalog
that contains optional one-line descriptions of system roles. This
catalog, in conjunction with the message ID that you specified, provides
a method to use a specific existing description for the role instead
of the default value that you specified for the Description property. 
Message value 
Specify the message identification number of the role
description from the message catalog that you specified. This value
must be a positive integer, and must be a valid message ID number
within the specified message catalog.
- Message set
- Indicates the name of the message set that contains the role description
in the message catalog that you specified. If you specify a message
set, you must provide a value for the
Message
number
property.
- Visibility
- Select the visibility status of the role to the system. You can
select one of the following values:

- Visable and authorizations enabled
- This role is enabled, displayed, and selectable. Authorizations
contained in this role are applied to the user to whom you assign
the role. This option is the default value.
- Hidden and authorizations enabled
- This role is enabled, but is not selectable through a visual interface.
Authorizations contained in this role are applied to the user that
you assign to the role.
- Hidden and authorizations disabled
- This role is disabled and is not selectable through a visual interface.
Authorizations contained in this role are not applied to the user
that you assign to the role.
Available authorizations
Select one or more authorizations to assign
to this role. Click Add to move them to the Selected
authorizations list. PowerHA SystemMirror users that
you assign to this role acquire these authorizations, in addition
to any authorizations for the roles that you select in the Available
roles list. To remove an authorization from the Selected
authorizations list, select the authorization and click Remove to
return the group to the Available authorizations list.
Available groups
Select one or more groups to which a user
must belong to effectively use this role. Click Add to
move them to the Selected groups list. You
must add the user to each group in this list for this role to be effective.
To remove a group from the Selected groups list,
select the group and click Remove to return
the group to the Available groups list.
Available roles
Select one or more RBAC roles, and the authorizations
that they provide, to assign to this role. Click Add to
move them to the Selected roles list. For example,
you select role1 and role2.
When you assign this role to a user, you also are assigning role1 and role2 to
that user. To remove a role from the Selected roles list,
select the role and click Remove to return
the role to the Available roles list.