Previous Topic: Select Admin Tasks for the Role

Next Topic: Define Admin Policies for an Admin Role

Define Member Policies for an Admin Role

On the Members tab, you create member policies, which determine who can be a role member.

To define member policies

  1. Click Add to define member policies. A member policy contains these rules:

    Note: Be sure to enter an answer to at least one scope question. The scope rules limit the primary and secondary objects available to tasks in the role. For example, the role contains a task that modifies users by assigning them to groups. As a result, the user scope rule limits the users (primary object) that can be found and the group scope rule limits the groups (secondary object) that can be assigned.

  2. Verify that the Member Policy appears on the Members tab.
  3. On the Members tab, optionally enable the checkbox labeled “Administrators can add and remove members of this role." Leaving this checkbox disabled means that users become members by meeting a member rule.

    Once you enable this feature, the screen expands.

  4. In the expanded area, define the Add Action and Remove Action for when a user is added or removed as a role member.

    Important! For the add action, avoid setting up a rule that refers to the role you are defining. For example, do not define the add action that makes a member of Role A by being a member of Role A.

  5. Define Admin Policies for an Admin Role.