6.9.2. Configure User Role Assignment

Roles for a user to be included in and excluded from can be configured in the Management Console and the Management CLI. This topic only shows using the Management Console.
Only users in the SuperUser or Administrator roles can perform this configuration.

The User roles configuration in the management console can be found by following these steps:

  1. Login to the Management Console.

  2. Click on the Administration tab.

  3. Expand the Access Control menu and select Role Assignment.

  4. Select the USERS tab.

Procedure 6.4. Create a new role assignment for a user

  1. Login to the Management console.
  2. Navigate to the Users tab of the Role Assignment section.
  3. Click the Add button at the top right of the user list. Add User dialog appears.
    Screenshot of Add User Dialog

    Figure 6.1. Add User Dialog

  4. Specify user name, and optionally realm.
  5. Set the type menu to include or exclude.
  6. Click the checkbox of the roles to include or exclude. To check multiple items, hold down the Control key (Command key on OSX).
  7. Click Save to finish.
    When successful, the Add User dialog closes, and the list of users is updated to reflect the changes made. If unsuccessful a Failed to save role assignment message is displayed.

Procedure 6.5. Update the role assignment for a user

  1. Login to the Management console.
  2. Navigate to the Users tab of the Role Assignment section.
  3. Select user from the list.
  4. Click Edit. The selection panel enters edit mode.
    Screenshot of Selection Edit View

    Figure 6.2. Selection Edit View

    Here you can add and remove assigned and excluded roles for the user.

    1. To add an assigned role, select the required role from the list of available roles on the left and click button with the right-facing arrow next to the assigned roles list. The role moves from the available list to the assigned list.

    2. To remove an assigned role, selected the required role from the assigned roles list on the right and click the button with the left-facing arrow next to the assigned roles list. The role moves from the assigned list to the available list.

    3. To add an excluded role, select the required role from the list of available roles on the left and click button with the right-facing arrow next to the excluded roles list. The role moves from the available list to the excluded list.

    4. To remove an excluded role, selected the required role from the excluded roles list on the right and click the button with the left-facing arrow next to the excluded roles list. The role moves from the excluded list to the available list.
  5. Click Save to finish.
    When successful, the edit view closes, and the list of users is updated to reflect the changes made. If unsuccessful a Failed to save role assignment message is displayed.

Procedure 6.6. Remove role assignment for a user

  1. Login to the Management console.
  2. Navigate to the Users tab of the Role Assignment section.
  3. Select the user from the list.
  4. Click Remove. The Remove Role Assignment confirmation prompt appears.
  5. Click Confirm.
    When successful, the user will no longer appear in the list of user role assignments.

Important

Removing the user from the list of role assignments does not remove the user from the system, nor does it guarantee that no roles will be assigned to the user. Roles might still be assigned from group membership.
Report a bug