Making a user into a role member
Use ACL/Role Manager to add users only in exceptional circumstances. For example, when your organization upgrades from basic to advanced security or when reinstating a user whose certificate has been revoked.
In normal circumstances, use Certificate Manager to add users by issuing their user certificates.
You cannot issue a user certificate to a user who has been added with the ACL/Role Manager.
When building your ACLs, it is usually best to set up your complete role structure before identifying the users who belong to roles. After the role structure is in place, identify user members in one of these ways:
- Modify each role to add the users that belong to it. If one role belongs to another, then adding a user to the member role automatically adds that user to the other role.
- Modify each user to specify which roles to which that user belongs.
To identify role membership by modifying a user: