Previous Topic: Add Member and Scope RulesNext Topic: Add and Remove Actions


Member Policies

A member policy defines the users that can carry out the tasks in a role. A member policy contains the following:

For example, admin roles, connection, privileged accounts, and policies are all objects. You can specify many other objects in scope rules. Each member policy can have more than one member rule, and each member rule can have more than one scope rule.

Example: A Member Policy for New York CA ControlMinder Host Managers

Don Hailey is the IT Manager for Forward, Inc and has the System Manager admin role. Don wants to create an admin role that lets employees with the CA ControlMinder Host Manager admin role in New York manage hosts and host groups in Forward, Inc New York offices only. All New York employees are members of the NY employees group, and the names of all the hosts and host groups in New York begin with the letters NY.

Don creates the following member policy. The member policy contains two member rules. The first member rule contains no scope rules. The second member rule contains two scope rules: