3.4. Setting up Access Controls

Access controls are configured by adding users and permissions to a role.
  1. Hover over the Administer menu, and click the Roles item.
  2. Click the name of the role.
  3. Set up the permissions for the role.
    The Permissions area defines two things: the organizations which are associated with the role and the permissions granted for those organizations.
    1. Click Permissions.
    2. Select the organization.
      A single role can be associated with multiple organization, but the permissions are set on each organization individually. So, configure all the permissions for one organization and then select another and configure all of the permissions for that.
    3. At the bottom of the window, click the Add Permission item.
    4. Select the component (organization, activation key, provider, or group) for which to add the permission.
    5. Click Next.
    6. When the target is selected, then there is a selection box which lists the available permissions for that target. The available permissions are outlined in Table 3.1, “Subscription Asset Manager Components and Allowed Permissions”.
    7. Click Next.
    8. Enter a name and, optionally, a description for the permission.
    9. Click the Done.
  4. Click the name of the role at the top of the role edit window.
  5. Next, add at least one administrator user for the role. Even if LDAP authentication (Section 3.5, “Managing Users with LDAP Authentication”) is used for other users in the role, at least one administrator from within Subscription Asset Manager is required.
    1. Click the Users item.
    2. All of the users in Subscription Asset Manager are listed. Click the Add nad Remove labels by the usernames to manage membership in the role.