How to allocate another resource to one set of ppl in an already existing role?



  • Hi,

    There are say some 20 users configured to access some servers. Already there is a role “ABC” configured for this. Now i need to make only some users among the 20 to access one more server server X. Can this be accompolished without creating another role involving the resource as server X? If yes, pls let me know how.

    The role mapping policy currently is when username is ""* assign role ABC



  • The simplest way to accomplish this is to add a new role and associate it to the usernames. This will allow the original role and the new resource role to be mapped specifically for the resources you are looking for.



  • Yes. Its too simple to create another role and have one more rule on the realm and merge the settings.
    So can i conclude that is this the only way?



  • User “X” is unique with respect to “ABC” - I don’t see how you can do this without writing a detailed rule (which would be quicker than the response I’m writing here 😉



  • Hi alan,

    Thnx for ur inputs. But am aware of that. My concern can this be done without creating another User role for “X”? i.e making use of the already existing User Role “ABC”?



  • Have you tried:
    User | User Realms | User Authentication Realms | <select the="" realm="">| Role Mapping | and check "Merge settings for all assigned roles"You have two Roles - one for “X” and one for “ABC”. Role “X” has Stop checked in the last column. So “ABC” inherits “X” on the fall through.</select>



  • Hi,

    Can u pls be more specific w.r.t configuration? I dont have much hands-on and still unable to find a clue



  • maybe with detailed rules


 

38
Online

38.4k
Users

12.7k
Topics

44.5k
Posts