General Role Settings
The Roles Settings allow the administrator to configure specific distinguished name (DN) settings. As an Administrator, select General from the Module Settings
The General Role Settings are divided into the following:
Roles Placement Base DN:
To configure DN settings, type the DN name or click the icon to browse for it. The search feature allows administrators to navigate and select the correct DN.
Review the Configuration Module Interface Overview to configure RBAC or ABAC module visibility.
Note
The specific directory layout will likely display differently since global RapidIdentity Portal configuration determines visibility.
Upon selecting the correct LDAP entry, click OK and then modify the visible fields accordingly.
The table below describes the available configuration fields in the Roles Settings.
Field Name | Description |
|---|---|
Roles Placement Base DN | The location in the directory where RapidIdentity Portal will store groups that are created and managed. |
Enable Role Auto-Import | Allow eligible LDAP Groups to be automatically imported as Roles. |
Maximum Number of Roles to Return | The maximum number of roles that will be returned by a search." |
Allow Distribution List Creation | Allows the 'Distribution List' type when creating a backing LDAP Group. Only applies to RapidIdentity Portal instances using Active Directory. |
Enable Role Auto-Synchronization | Enables periodic automatic updates of Role Membership. |
Preload Roles | Determines if groups are loaded when a Roles tab is loaded or only when the search button is pressed. |
Enable Wildcard (*) Searches | Enables or disables the ability to do wildcard searches in any section. |
Write Samaccountname Value to Role | If selected, the group name will also be written to the SAMAccountName attribute. (Active Directory Users Only). The Role name will also be used as the sAMAccountName of the backing LDAP Group. |
Access Control | This is a module visibility ACL that specifies who has access to the Roles module. The administrator can select the module to be attribute-based, role-based, or have it accessible to all by selecting None. Only users who meet the ACL requirements are allowed to access the Roles module, in terms of being displayed and allowed to be utilized. |
Create Role | When selected, this offers the ability for users to create a role. |
Update Role Info | When selected, this offers the ability to update the Role description. |
Update Role Membership | When selected, this enables manual syncing of Role membership. |
Delete Role | Allows the role to be deleted. |
Sync Role | Allows the role to be synchronized. |
