If you do not want to use the built-in roles with the pre-assigned privileges, you can create custom roles where you select specific privileges and assign them to the Active directory groups.
For example, you can create a role that gives privileges to perform all actions on Writable Volumes (such as create, enable, disable, rescan, and so on) and also view the online directory of users. You can edit the privileges later and the updated privileges is dynamically allocated to the members of the assigned group. That is, the members do not have to log out and log in to the system to get the new privileges.
- From App Volumes Manager, click .
A list of roles that have been created is displayed.
- Click Create Custom Role and provide the following information:
Option Description Name Name of the role. Description A detailed description of the custom role. Privileges Select the list of privileges you want to assign to the role from the following top-level categories.
When a top-level privilege is selected, all the privileges under it are automatically assigned to a custom role. You can also choose specific privileges under a top-level privilege, and do not have to select all the privileges.
You can also navigate from each of the categories within a top-level privilege and choose specific individual privileges from the available subcategories.
For example, if you select Inventory as a top-level privilege, you can select any of the privileges within Inventory such as Applications, Application Assignments, and so on. If you have selected Applications, you can further select specific individual privileges such as View, Create, and so on.
- Click Create.