Mapping roles
Encyclopedia volume roles map to an LDAP object class, such as groupofuniquenames. The name Actuate displays is the LDAP object’s common name attribute, called the LDAP cn attribute.
When using the RSSE application with an LDAP server, you cannot nest roles. Roles are an LDAP object. To indicate that an Actuate user is a member of one or more Actuate roles, add the LDAP Actuate user object as a member of the LDAP Actuate roles.
iHub uses the members specified in the LDAP Actuate role objects when it performs authorization functions for Actuate roles. iHub also uses the LDAP role objects when it lists roles used to specify privileges.
To specify privileges to access a file or folder in the Encyclopedia volume for an LDAP role object, first create the Actuate role object in the LDAP directory. Then, in the Encyclopedia volume, specify privileges for the Actuate role in the Encyclopedia volume file or folder.
Information Console supports using different levels of user functionality based on a user’s membership in particular Encyclopedia volume roles. To use the Information Console roles and functionality levels, create corresponding LDAP roles and add users to the roles.