PBAC Membership policies are comprised of Attribute-Based membership policies, which contain rules defining the field types, field type values, and rights needed by users for the system to add them to the target of the policy. In this article, we discuss the components of PBAC Membership policies and how to create and use them.
Add a PBAC Attribute to a PBAC Membership Policy
You can add a PBAC attribute to an existing PBAC membership policy. In the previous step, we created a PBAC membership policy for a group. In this post, we are going to add the attribute to that PBAC membership policy. Therefore let us follow the below steps.
On the navbar, expand Identity Administration and select Groups.
Search for the group name.
Click on the group’s logon name link to open the group’s view-one page. Select the Advanced tab.
Scroll down. Under the Membership tab, select Attribute-Based Membership Policies and you can see the PBAC Membership policies attached to this group.
Click on the Name link of the PBAC Membership policy you want to add an attribute to. This will open the view-one page of this PBAC membership policy. Select the Attribute Conditions (Field Types) link.
Click on the + icon to add an attribute to this policy that you added to the person earlier. Search for the name of the PBAC membership policy and select it. Select the two values ( sales and IT) check boxes. Select the checkbox If matches all values. Click Save.
The attribute is now added to the PBAC membership policy type.
After the PBAC membership policy is compiled, it will add the person to the group. This can be checked at the view-one page of the group( for which the policy was created). Select the Group Members link. We can see that the person( to which the PBAC attribute was added) is now member of this group.
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
...