Managing Roles

A role is a set of tasks an operator can perform within ActivID CMS. For security reasons, a given operator can access only the ActivID CMS functions that are authorized by the role. The concept of a role applies to ActivID CMS operators only and does not apply to users.

ActivID CMS has a set of predefined roles. Use these predefined roles as examples when creating the roles that are applicable to your own organization.

From the Roles page, you can perform the following actions:

  1. Select the Configuration tab.

  2. Select the Roles sub-tab. You can create a role by duplicating an existing role, and then editing it as needed.

  3. In the Role Name column, locate the role you want to use as a template for the new role.

  4. In the Action column, click Duplicate. The Role Creation page appears:

  5. Under General Information, in the Name field, enter a name for the new role. This is the name that will appear in the Administrative Role drop-down list when you enroll an operator.

  6. In the Description field, enter a description of the role.

  7. Next to User Access Restrictions, select one of the following options:

    • None—Enables an operator assigned this role to manage all users in the LDAP Lightweight Directory Access Protocol directories that ActivID CMS supports.

    • Operator Dependent—Enables an operator assigned to this role to manage only the users in the groups to which the operator has access (as specified during enrollment of the operator).

  8. Under Services, select or clear the appropriate options.

    For example, if you want to enable the operator to update devices, then expand Device Update and select the tasks that you want the operator to perform.

    The order of the options mirrors the structure of the Operator Portal for its main tabs, sub-tabs, and the tasks that the role can perform. For example, if you do not select any tasks under Device Update, then the operator will not see the Device Update tab on the Operator Portal.

  9. Click Create. A confirmation message appears.

You cannot update the Administration role.

  1. Go to the Roles page.

  2. In the Role Name column, locate the role you want to update.

  3. In the Action column, click Update. The Role Update page appears:

  4. In the Description field, enter a new description, if applicable.

  5. For the User Access Restrictions option, select either:

    • None to enable an operator assigned this role to manage all users in the LDAP Lightweight Directory Access Protocol directories that ActivID CMS supports.

    • Operator Dependent to enable an operator assigned this role to manage only the users in the group branches to which the operator has access (as specified during enrollment of the operator).

      If you change the User Access Restrictions setting from None to Operator Dependent, then you must update each operator to whom the role is assigned, assigning them LDAP branches to access.

  6. Under Services, select or clear the appropriate options.

    The order of the options mirrors the structure of the Operator Portal for its main tabs, sub-tabs, and the tasks that the role can perform. For example, if you do not select any tasks under Device Queries, then the operator will not see the Device Queries sub-tab on the Operator Portal.

  7. Click Update to update the role and the services for all operators to whom that role is assigned. After ActivID CMS has updated the role, a confirmation message appears.

  1. Go to the Roles page.

  2. In the Role Name column, locate the role you want to view.

  3. In the Action column, click View. The Role Information page appears:

  4. Click Done (not illustrated) at the bottom of the page to exit.

You cannot delete the Administration role or a role that is currently assigned to an operator.

  1. Go to the Roles page.

  2. In the Role Name column, locate the role you want to delete.

  3. In the Action column, click Delete.

    The Role Deletion page appears:

  4. Click Delete (not illustrated) at the bottom of the page. A confirmation message appears.