The Active Roles console provides the New Object - Access Template wizard for creating Access Templates. You can start the wizard as follows: right-click Access Templates in the console tree, and select New | Access Template. In this case, the wizard adds an Access Template to the Access Templates container.
The first page of the wizard looks as shown in the following figure.
Figure 12: Add new Access template
On this page, type a name and description for the new Access Template. The Active Roles console will display the name and description in the list of Access Templates in the details pane.
Click Next. The second page of the wizard looks as shown in the following figure.
Figure 13: Access template permission enteries
This page prompts you to configure a list of Access Template permission entries. You can use the Add, Remove and View/Edit buttons to add, remove and modify an entry, respectively. Clicking Add starts the Add Permission Entries wizard that helps you configure permission entries. The wizard is discussed later in this section.
After you have completed the list of permission entries, click Next, and then click Finish. The new Access Template is created.
The Add Permission Entries wizard lets you specify the permission to be added into the Access Template. The first page of the wizard looks as shown in the following figure.
Figure 14: Add Permission Entries
On this page, you select the types of objects to which you want the permission to allow (or deny) access. You can select one of these options:
|
NOTE: By default, all object classes are not displayed in the list. To display all object classes, select the Show all possible classes check box. |
After you have selected the object classes you want, click Next. The next page of the wizard looks as shown in the following figure.
Figure 15: Permission category
On this page, you select a permission category, and specify whether you want the permission to allow or deny certain administrative actions.
You can select one of the following permission categories:
If you want the permission to deny certain administrative actions, you select the Deny permission check box.
The following sections elaborate on the permission categories you can select in the Add Permission Entries wizard.
Permissions in this category provide for all administrative operations on objects (and their properties) of the classes that you selected in the previous step of the Add Permission Entries wizard.
After you select Full Control access and click Finish, the permission is added into the newly created Access Template.
Permissions in this category provide for administrative operations on objects themselves (but not their properties) of the classes that you selected in the previous step of the Add Permission Entries wizard.
Administrative operations are selected from the list, which is displayed when you select Object access. You select the necessary operations by selecting the appropriate check boxes. For example, you might select List Object to allow viewing objects of certain types.
After you have selected the operations, click Finish to complete the Add Permission Entries wizard. The permission is added into the newly created Access Template.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy