Abiquo provides a set of default roles and you can clone and modify them to create new roles. See Default roles. See Privileges for a list of the privileges for each role. | Panel |
|---|
| Privileges: Access Roles and Scope screens, Manage roles, Manage global role |
A user can only have one role, but a role can be associated with multiple OpenID, AD, or LDAP groups. By default the new role will have "Copy:" added to its name, for example, "Copy: CLOUD_ADMIN". To create or modify a role: Go to Users → Roles To clone a role, click the duplicate clone button. Select the cloned role and click the pencil edit button To create a new role, click the + add button
Complete the dialog. Enter the Name of the role. The names of global roles must be unique To create a local role, select the Enterprise that the role will belong to To create a global role, select Make this role global
Optionally, to create a list of network addresses from which users with this role can access the platform, enter Allowed CIDRs.
The CIDRs from a user’s role and scope will apply to the user but allowed CIDRs set directly for the user will have the highest priority. Enter the corresponding External roles, e.g. LDAP group, for the user. This is required in external authentication modes (openid, ldap).
A user's external roles must map to a single role (local or global). See LDAP and Active Directory Integration and Abiquo OpenID Connect Integration.
You can also set external scopes.
 Image Removed Image AddedAfter you create or clone a role, select the role name in the list and edit the privileges as required, then click Save. |