Creating a new role-based access control policy

Create and manage access control policies, user groups, and resource groups using the Organizational Administration Console. Site administrators can define execute commands, associate policies with policy groups, and update XML configurations.

About this task

Procedure

1. Use the Organizational Administration Console to create an access group for the new role.
2. Use the Organizational Administration Console to create a resource group and assign commands that this role can execute.
3. Use the Organizational Administration Console to create an access control policy with the following parameters:
   1. Specify the new access group created in step 1 as the User Group.
   2. Specify "ExecuteCommandActionGroup" as the Action Group.
   3. Specify the new resource group created in step 2 as the Resource Group.
4. Manually, create an access control XML file for your policy and associate the new policy to a policy group as described in Associating policies with policy groups.
5. Manually, update the XML file created in step 4 to modify the resource-level access control of for the policy as described in Modifying the resource-level access control of an existing policy.
6. After completing the changes to your policy, load the policy into the database.