Previous Topic: Access Roles

Next Topic: Content of this Help

Role Characteristics

When you create a role, you define the characteristics shown in the following table:



Role Profile

General characteristics of the role.


Tasks for an admin role.

Account Templates

Templates that define accounts in managed endpoints for a provisioning role.

Member Rules,
Member Policies

A member rule defines conditions for a user to be an access or admin role member.

A member policy combines a member rule with scope rules.

Note: Provisioning roles have no member rules and policies. To make a user a member, you use Modify Provisioning Role Members/Administrators.

Admin Rules,
Admin Policies

  • An admin rule defines conditions for a user to be a role administrator.
  • An admin policy combines an admin rule with a scope rule and administrator privileges for assigning the role.

Owner Rules

Conditions for a user to be a role owner.

Scope Rules

Limits on which objects can be managed by the role.

Add Actions,
Remove Actions

Changes to a user profile when a user is added or removed as a role member or administrator.