Administrator Responsibilities for Users - Trusted Extensions Configuration and Administration

Skip Navigation Links
Exit Print View
	Trusted Extensions Configuration and Administration Oracle Solaris 11.1 Information Library

Oracle Technology Network

Document Information

Part I Initial Configuration of Trusted Extensions

1. Security Planning for Trusted Extensions

2. Configuration Roadmap for Trusted Extensions

3. Adding the Trusted Extensions Feature to Oracle Solaris (Tasks)

4. Configuring Trusted Extensions (Tasks)

5. Configuring LDAP for Trusted Extensions (Tasks)

Part II Administration of Trusted Extensions

6. Trusted Extensions Administration Concepts

7. Trusted Extensions Administration Tools

8. Security Requirements on a Trusted Extensions System (Overview)

9. Performing Common Tasks in Trusted Extensions

10. Users, Rights, and Roles in Trusted Extensions (Overview)

User Security Features in Trusted Extensions

Administrator Responsibilities for Users

System Administrator Responsibilities for Users

Security Administrator Responsibilities for Users

Decisions to Make Before Creating Users in Trusted Extensions

Default User Security Attributes in Trusted Extensions

label_encodings File Defaults

policy.conf File Defaults in Trusted Extensions

Configurable User Attributes in Trusted Extensions

Security Attributes That Must Be Assigned to Users

Security Attribute Assignment to Users in Trusted Extensions

.copy_files and .link_files Files

11. Managing Users, Rights, and Roles in Trusted Extensions (Tasks)

12. Remote Administration in Trusted Extensions (Tasks)

13. Managing Zones in Trusted Extensions

14. Managing and Mounting Files in Trusted Extensions

15. Trusted Networking (Overview)

16. Managing Networks in Trusted Extensions (Tasks)

17. Trusted Extensions and LDAP (Overview)

18. Multilevel Mail in Trusted Extensions (Overview)

19. Managing Labeled Printing (Tasks)

20. Devices in Trusted Extensions (Overview)

21. Managing Devices for Trusted Extensions (Tasks)

22. Trusted Extensions Auditing (Overview)

23. Software Management in Trusted Extensions

A. Site Security Policy

Creating and Managing a Security Policy

Site Security Policy and Trusted Extensions

Computer Security Recommendations

Physical Security Recommendations

Personnel Security Recommendations

Common Security Violations

Additional Security References

B. Configuration Checklist for Trusted Extensions

Checklist for Configuring Trusted Extensions

C. Quick Reference to Trusted Extensions Administration

Administrative Interfaces in Trusted Extensions

Oracle Solaris Interfaces Extended by Trusted Extensions

Tighter Security Defaults in Trusted Extensions

Limited Options in Trusted Extensions

D. List of Trusted Extensions Man Pages

Trusted Extensions Man Pages in Alphabetical Order

Oracle Solaris Man Pages That Are Modified by Trusted Extensions

Administrator Responsibilities for Users

The System Administrator role creates user accounts. The Security Administrator role sets up the security aspects of an account.

For details on setting up users and roles, see the following:

System Administrator Responsibilities for Users

In Trusted Extensions, the System Administrator role is responsible for determining who can access the system. The system administrator is responsible for the following tasks:

Adding and deleting users
Adding and deleting roles
Assigning the initial password
Modifying user and role properties, other than security attributes

Security Administrator Responsibilities for Users

In Trusted Extensions, the Security Administrator role is responsible for all security attributes of a user or role. The security administrator is responsible for the following tasks:

Assigning and modifying the security attributes of a user, role, or rights profile
Creating and modifying rights profiles
Assigning rights profiles to a user or role
Assigning privileges to a user, role, or rights profile
Assigning authorizations to a user, a role, or rights profile
Removing privileges from a user, role, or rights profile
Removing authorizations from a user, role, or rights profile

Typically, the Security Administrator role creates rights profiles. However, if a profile needs capabilities that the Security Administrator role cannot grant, then the root role can create the profile.

Before creating a rights profile, the security administrator needs to analyze whether any of the commands in the new profile need privilege or authorization to be successful. The man pages for individual commands list the privileges and authorizations that might be needed.

Copyright © 1992, 2012, Oracle and/or its affiliates. All rights reserved. Legal Notices

Previous

Next