Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Solaris Trusted Extensions Administrator's Procedures
Previous Next

Administrator Responsibilities for Users

The System Administrator role creates user accounts. The Security Administrator role sets up the security aspects of an account.

If you are using the Sun JavaTM System Directory Server for the LDAP naming service, check that the initial setup team configured the tsol_ldap.tbx toolbox. For the procedure, see Configuring the Solaris Management Console for LDAP (Task Map).

For details on setting up users and roles, see the following:

System Administrator Responsibilities for Users

In Trusted Extensions, the System Administrator role is responsible for determining who can access the system. The system administrator is responsible for the following tasks:

  • Adding and deleting users

  • Adding and deleting roles

  • Modifying user and role configurations, other than security attributes

Security Administrator Responsibilities for Users

In Trusted Extensions, the Security Administrator role is responsible for all security attributes of a user or role. The security administrator is responsible for the following tasks:

  • Assigning and modifying the security attributes of a user, role, or rights profile

  • Creating and modifying rights profiles

  • Assigning rights profiles to a user or role

  • Assigning privileges to a user, role, or rights profile

  • Assigning authorizations to a user, a role, or rights profile

  • Removing privileges from a user, role, or rights profile

  • Removing authorizations from a user, role, or rights profile

Typically, the Security Administrator role creates rights profiles. However, if a profile needs capabilities that the Security Administrator role cannot grant, then superuser or the Primary Administrator role can create the profile.

Before creating a rights profile, the security administrator needs to analyze whether any of the commands or actions in the new profile need privilege or authorization to be successful. The man pages for individual commands list the privileges and authorizations that might be needed. For examples of actions that require privileges and authorizations, see the exec_attr database.

Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire