Versions Compared

Old Version 1

changes.mady.by.user Dhiraj Kumar

Saved on

compared with

New Version Current

changes.mady.by.user Dhiraj Kumar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

PBAC Membership policies are policies you create to specify the conditions under which an EmpowerID actor, such as a person or a Business Role and Location can be added to or potentially added to Management Roles, groups, Business Roles and Locations, or Query-Based Collections. PBAC Membership policies are comprised of Attribute-Based membership policies, which contain rules defining the field types, field type values, and rights needed by users for the system to add them to the target of the policy. In this article, we discuss the components of PBAC Membership policies and how to create and use them.

...

PBAC Membership policies

...

PBAC Membership policies can be created in two different ways: They

  1. Using the view one page of the roles, groups, and collections

  2. Using the role modeling inbox page (global policy)

Method 1 - Create using the view one page of the roles, groups, and collections

PBAC Membership policies can be created on the View One pages view one page of the roles, groups, and collections that are the target of the policy. In the below example, we demonstrate how to create a policy using the view-one page of a group that is the target of the policy.

  1. On the navbar, expand Identity Administration and select Groups.

  2. Search for a group name.

    Image Added

  3. Click on the group logon name hyperlink to open the group’s view-one page.

    Image Added

  4. Select the Advanced tab and scroll down to select Attribute-Based Membership Policies.

    Image Added

  5. Click on the + icon in the above image to create a new membership policy for this group. The below page will open. Enter the name of the policy, select a policy

...

  1. type. Check the IsEnable check box. Select the minute interval with 15 min and click on Save.

    Image Added

  2. This will create the PBAC membership policy and queue it for compilation.

    Image Added

Method 2 - Create using the role modeling inbox page (global policy)

PBAC Membership policies can be created globally on the Role Modeling Inbox role modeling inbox page of EmpowerID. In the below example, we demonstrate how to create a policy on the Role Modeling Inbox using the role modeling inbox page.

  1. On the navbar, expand Role Management and select Role Modeling Inbox.

  2. Select the Attribute-Based Membership Policies tab and then click the Add button on the grid header.


    This opens the Policy Form, which is where you add the information necessary to create the policy.


    The form contains the following fields:

    Insert excerpt
    IL:Attribute-Based Membership Policies Fields
    IL:Attribute-Based Membership Policies Fields
    nopaneltrue

  3. Enter the information appropriate for your situation and then click Save to create the policy.

...

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue

Related

Add a PBAC attribute to a PBAC membership Policy

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue