This section explains how to define setting values for user accounts.
With Resource Orchestrator, you can restrict the operations that each user account can perform and the resources that operations can be performed on.
Role
The operations that can be used by each user account.
Access Scope
The resources that can be operated by each user account.
For details on the resources which can be operated for each role, refer to "Appendix B Access Control by Roles" in the "Operation Guide CE".
User Account Conditions
Configure the following parameters for user accounts and roles to be created on Resource Orchestrator:
The user ID must start with an alphanumeric character, and can contain between 4 and 31 alphanumeric characters, underscores ("_"), hyphens ("-"), and periods (".").
The number of characters for user ID and usable character types may be limited depending on the directory service used for Single Sign-On. For details on attributes to configure the user ID using the directory service, refer to "Table 4.14 Object Class" in "4.5.4 Registering Administrators". For details on limit values which can be specified as attributes to configure user IDs, refer to the manual for the directory service.
When using OpenDS for the directory service used by Single Sign-On, the user ID (uid attribute) must be unique in the directory service.
The string must be composed of alphanumeric characters and symbols, and can be between 8 and 64 characters long.
The number of characters for passwords and the usable character types may be limited depending on the directory service used for Single Sign-On. For details on limit values of passwords, refer to the manuals of directory service.
Configure the role to set for the user account.
Configure the access scope to set for the user account.
