Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 Manual page 62

Configuring Secure Access Devices Guide
44
Table 11: Administrator Role Configuration Details (continued)
Option
Session Options
UI Options
Delegated Users Settings > Roles > Delegate User Roles
Administrators can manage
ALL roles
Access
Delegated Users Settings > Roles > Delegate As Read-Only Role
Administrator can view (but
not modify) ALL roles
Delegated Users Settings > Realms > Delegate User Realms
Administrator can manage
ALL realms
Function
Specifies the maximum
session length, roaming
capabilities, and session
persistence.
Specifies customized settings
for the Secure Access device
welcome page for Odyssey
Access Client users mapped
to this role.
Specifies whether the
administrator can manage all
roles.
Specifies which user role
pages the delegated
administrator can manage.
Allows the administrator to
view the user roles, but not
manage.
Specifies whether the
administrator can manage all
user authentication realms.
Copyright © 2010, Juniper Networks, Inc.
Your Action
Select General > Session
Options to apply the settings to
the role.
Select General > UI Options to
apply the settings to the role.
Select the user roles in the
Non-members list and click Add
if you only want to allow the
administrator role to manage
selected user roles
Select an access option from
the drop-down list.
Select Write All to specify
that members of the
administrator role can modify
all user role pages.
Select Custom Settings to
allow you to pick and choose
administrator privileges
(Deny, Read, or Write) for the
individual user role pages.
Select the user role that you
want to allow the administrator
to view.
NOTE: If you specify both write
access and read-only access for
a feature, the Secure Access
device grants the most
permissive access.
Select the user realm. If you only
want to allow the administrator
role to manage selected realms,
select those realms in the
Members list and click Add.