When a new role is to be created, the following screen is displayed by pressing '+' button:



In the above screen, we need to fill the required fields. Click on the Save button to save the changes. Once done, it takes you to roles screen: from where user can select the roles as per privilege, it will display the following screen:



Here, the user can select the roles as per privilege. Clicking on the Save button will save the configured changes.


The description of the above fields are as follows:


Item

Description

Role Name

It is strongly recommended to define a meaningful name, e.g. in the screenshot we have chosen Service user as someone who has full access to only the Service Managers of each service module.

Role Description

Add a description as a reminder of the purpose of the role.

Read

When a Module or Sub-Module is selected then automatically Read permission is given to that role. If you do not want to allow some module/sub-module then do not check that module/sub-module.

Add/Update

If this checkbox is checked, the role is given the permission to add or update against the selected module/sub-module. Permissions are applied on all sub-modules by checking this checkbox at the module level.

Delete

If this checkbox is checked, the role is given the permission to delete against the selected module/sub-module. Permissions are applied on all sub-modules by checking this checkbox at the module level.

Dual Control

If this checkbox is checked, the role is given the permission of dual control against the selected module/sub-module. Dual Control mean a request must be approved by some security officer before the action(add/update, Delete) takes place. Permissions are applied on all sub-modules by checking this checkbox at the module level.


Note: You can not enable the Dual Control unless an user with role Security Officer (Who will approve the operations) is already configured in the ADSS Server.


At least one user must exist with Access Control privileges, otherwise you will not be able to enter in the system.

See also

Default System Roles