12.5. Identity Management 中的预定义角色
Red Hat Identity Management 提供以下预定义角色范围:
表 12.1. Identity Management 中的预定义角色
| 角色 | 特权 | Description |
|---|---|---|
| Enrollment Administrator | 主机注册 | 负责客户端或主机、注册 |
| helpdesk | Modify Users and Reset passwords, Modify Group membership | 负责执行简单的用户管理任务 |
| IT Security Specialist | Netgroups Administrators, HBAC Administrator, Sudo Administrator | 负责管理安全策略,如基于主机的访问控制、sudo 规则 |
| IT Specialist | Host Administrators, Host Group Administrators, Service Administrators, Automount Administrators | 负责管理主机 |
| Security Architect | Delegation Administrator, Replication Administrators, Write IPA Configuration, Password Policy Administrator | 负责管理身份管理环境、创建信任、创建复制协议 |
| User Administrator | User Administrators, Group Administrators, Stage User Administrators | 负责创建用户和组 |