Role-Based Access: Rules and Notes
This section provides rules and notes for role-based access related to the following:
User Management
The following role-based access rules and notes apply to user management:
|
■
|
There must always be at least one user with the administrator role assigned. The system prevents deletion of the last configured administrator to prevent an accidental lockout situation. |
|
■
|
Only administrators can add, edit, or delete users. |
|
■
|
Non-admin users must have at least one role assigned. If you remove all of a user’s custom roles, the Default role is automatically assigned to the user, even if it was previously removed. |
|
■
|
Users can only be deleted by administrators if they do not have any lock or lock-share privileges in place. Deleted users are automatically removed from all assigned roles. |
Role Management
The following role-based access rules and notes apply to role management:
|
■
|
A role cannot be deleted if ports are still assigned to it. |
|
■
|
Only administrators can add, edit, or delete roles. |
|
■
|
The built-in admin and Default roles cannot be deleted. |
|
■
|
Only administrators can assign or remove user roles. |
|
■
|
Administrators are prevented from changing a user’s assignment to a port locked by the user. |
Note: The admin must first unlock the port before changing a user’s assignment.
Port Ownership
The following role-based access rules and notes apply to port ownership:
|
■
|
Only administrators can assign or remove roles from ports. |
|
■
|
The admin role automatically has Level 4 permissions to all ports. The admin role cannot be assigned to any port. |
