Roles that Can Perform This Task: Cloud Administrator |
When a user self registers, his or her user account is created without any role assignments. You can manually assign roles to the user after the account is created, but this negates much of the administrative benefit gained by allowing the user to self register.
To receive the maximum benefit of self registration, you can assign roles to users through the use of LDAP user groups. By assigning roles to LDAP user groups, you can ensure that LDAP users who are members of those groups automatically inherit those roles when they self register.
To automate role assignments for self-registered users:
In your LDAP source, create the LDAP user groups you want.
For example, in the LDAP directory used for authenticating System users, you could create an LDAP user group for Cloud Administrators, another for Zone Administrators, and another for Build Administrators. In the LDAP directory used for authenticating an organization’s users, you could create LDAP user groups for Organization Managers and Business Service Owners.
Add the appropriate LDAP users to each LDAP user group.
For example, if you created a Business Service Owners group, add the users who are Business Service Owners for the organization.
Add the LDAP user groups to Cloud Manager using one of the following methods:
Import the user group information from LDAP. For instructions, see Importing System User Groups from LDAP and Importing Organization User Groups from LDAP.
Create the user groups by manually adding group information, including the distinguished name of the user group in LDAP. For instructions, see Manually Creating System and Organization User Groups.
Assign roles to the user groups. For instructions, see Assigning Roles to Users and Groups.