Sun Microsystems, Inc.  Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-71-1545961.1
Update Date:2018-01-05
Keywords:
Solution Type  Technical Instruction Sure

Solution  1545961.1 :   Sun Storage 7000 Unified Storage System: Explanation of Roles and Exceptions  

Related Items 
    

  • Sun ZFS Storage 7320
    •  
  • Sun Storage 7210 Unified Storage System
    •  
  • Sun Storage 7410 Unified Storage System
    •  
  • Sun ZFS Storage 7420
    •  
  • Sun Storage 7310 Unified Storage System
    •  
  • Sun Storage 7110 Unified Storage System
    •  
  • Sun ZFS Storage 7120
    •  
Related Categories 
    

  • PLA-Support>Sun Systems>DISK>ZFS Storage>SN-DK: 7xxx NAS
    •  






In this Document


Goal


Solution


References


Applies to:  

Sun Storage 7210 Unified Storage System - Version All Versions to All Versions [Release All Releases]
Sun ZFS Storage 7420 - Version All Versions to All Versions [Release All Releases]
Sun ZFS Storage 7320 - Version All Versions to All Versions [Release All Releases]
Sun Storage 7310 Unified Storage System - Version All Versions to All Versions [Release All Releases]
Sun Storage 7110 Unified Storage System - Version All Versions to All Versions [Release All Releases]
7000 Appliance OS (Fishworks)
Information in this document applies to any platform.



Goal


To discuss this information further with Oracle experts and industry peers, we encourage you to review, join or start a discussion in the My Oracle Support Community - Disk Storage ZFS Storage Appliance


 This document discusses how roles and exceptions work on ZFSSA


Solution


Roles:


Roles are a group of permissions that can be assigned to a user selectively. Roles are assigned using scopes of Authorizations.


These scope contains a group of permissions that can be selected and assigned to a role.


Also note that one role can be given multiple Scope of Authorizations for example a role named "testrole" can be given scope "Project & Shares" and another scope "Analytics" and scope "Hardware"
 But note that roles will not be effective until it shows permission as "none" or you select a permission for it.
Eg: Go to Configuration > Users 
Create a role "testrole" and select scope Project & Shares. It will list permission that are part of scope. 
 You can select the permissions that you want to be part of this role.


Later while creating user or for existing user these roles can be assigned.


Exceptions:
On the other hand Exceptions are granular permissions that can be assigned to users that are not part of a Role.
Exceptions are authorizations that are excluded from those normally available due to the selected roles.
 If you use Exception then it will give the selected permissions to the user.
For Example if you have selected Exception Scope: Projects and shares , then selected all the available permissions in the list.
So it will assign these selected permission to the user and this user can create and modify share. But he will not be able to make any other changes.


Eg: you if want a user to provide role with Authorization scope Project & shares, and assign all authorization (permission).
 And you want a user to do some additional tasks that are NOT part of given role... for example restarting service.
 Then in that case you need to select Exception to provide additional permission to a user.
 So we can select exception "Services" and select Permission called "restart service"



In Summary, it depends on you want to configure permissions.


Roles will group permissions of similar type.


Exception will give permissions that are not part of roles you selected.


References
<NOTE:1541562.1> - Sun Storage 7000 Unified Storage System: Unable to create a "Read Only" role.



Attachments

This solution has no attachment


















       

Copyright © 2018 Oracle, Inc.  All rights reserved.

 Feedback