Assigning Principals to Roles or Groups

Prerequisites

To assign principals, you must be assigned a role that includes the relevant actions. For example, to assign users to a role, you must have the right to manage both users and roles.

For more information, see Managing Users, Groups, and Roles .

Context

You can assign principals (users, roles, and groups) to roles and groups as follows:

Roles

Roles reflect a user's function. By assigning a role to a user, you provide the user with the authorizations or functions that he or she needs to fulfill specific tasks. You can also indirectly assign a role to a user by assigning the group to which the user belongs to the role.

You can display user management engine (UME) roles and if your installation includes a portal you can also display portal roles.

For more information about portal roles, see the Portal documentation.

You can assign the following principals to roles:
- Users
- Groups
- Actions
  
  Actions include UME actions as well as security roles.
Groups

You can assign the following principals to groups:
- Users
- Groups
- Roles
For more information, see UME Groups .

Restrictions

Restrictions to group assignments (if any) depend on the data source where the principals reside.

For more information, see the following:

Procedure

Start identity management.

For more information, see Identity Management .
Choose a role or group.
Choose the Modify pushbutton.
Choose Assigned Users , Assigned Groups , Assigned Actions , or Assigned Roles as required.
Under Available Users , Available Groups , Assigned Actions , or Available Roles , search for a principal.
- You can narrow the search by selecting the data source you want to search, if there is more than one data source.
- To view the details of assigned and available principals, click the principal Name or Logon ID , and choose Show Details . The details appear in a new window.
Select a principal from the search results list and choose the Add pushbutton.
Save your entries.