Defining roles and access

As a platform administrator, you can define a role that has access to specific features of IBM® Intelligent Operations Center. For example, you can define an executive role that has the necessary access privileges to the tenants, pages, filter panes, and taskbar features that are necessary for an executive's work. You can map multiple user groups to the role so that all the users in these groups have access to the same features as the role.

Before you begin

• To define and manage roles, your system must be configured to work with a Lightweight Directory Access Protocol (LDAP) user registry. You must also define a roles organizational unit in your LDAP user registry and configure the LdapRoleFilter system property. For more information, see Configuring an LDAP user registry and Configuring LDAP support for roles.
• If your LDAP server is IBM Security Directory Server, you must also configure an appropriate size for the group members cache. For more information, see Configuring cache size for user groups and roles.

1. Create a role and map one or more user groups to the role. For more information, see Creating roles.
2. Assign access rights to the role according to your requirements. For more information, see Assigning access privileges.