start of change

View and edit properties of a security role

Use this task to view and edit the properties of a PowerHA® SystemMirror security role for the cluster.

Fields

This task is available only if you configured a Lightweight Directory Access Protocol (LDAP) registry.

To view properties for a role, select the role and select Properties from the Action menu. Click Edit to open the Edit Properties window.

Name
Indicates the name of the selected role.
Description
start of changeSpecify a short description of the role. If a message catalog message is not available, the value that you specify is the default description message that is displayed for the role. end of change
Role ID
start of changeSpecify a unique numeric identifier for the role. The role ID must be a positive integer. If you do not specify an ID, one is assigned for you. end of change
Authorizations
Specify one or more authorizations to assign to this role. PowerHA SystemMirror users that you assign to this role acquire these authorizations in addition to any authorizations for the roles that you specified for the Roles list property.
Role list
Specify one or more role based access control (RBAC) roles, and the authorizations that they provide, to assign to this role. For example, you specify values of role1 and role2. When you assign this role to a user, you also are assigning role1 and role2 roles to that user.
Groups
Specify one or more groups to which a user must belong to effectively use this role. For this role to be effective, you must add the user to each group that you specify.
Visibility
Select the visibility status of the role to the system. You can select one of the following values:start of change
Visable and authorizations enabled
This role is enabled, displayed, and selectable. Authorizations contained in this role are applied to the user to whom you assign the role. This option is the default value.
Hidden and authorizations enabled
This role is enabled, but is not selectable through a visual interface. Authorizations contained in this role are applied to the user that you assign to the role.
Hidden and authorizations disabled
This role is disabled and is not selectable through a visual interface. Authorizations contained in this role are not applied to the user that you assign to the role.
end of change
Message catalog
start of changeSpecify the file name of an existing message catalog that contains optional one-line descriptions of system roles. This catalog, in conjunction with the message ID that you specified, provides a method to use a specific existing description for the role instead of the default value that you specified for the Description property. end of change
Message set
Specify the name of the message set that contains the role description in the message catalog that you specified.
start of changeMessage value end of change
start of changeSpecify the message identification number of the role description from the message catalog that you specified. This value must be a positive integer, and must be a valid message ID number within the specified message catalog.end of change
end of change