Before you begin
The following steps are needed to assign users to administrative roles.
Why and when to perform this task
In the administrative console, click System Administration > Console settings. Click either Console Users or Console Groups.Steps for this task
What to do next
The task of assigning users and groups to administrative roles is performed to identify users for performing WebSphere Application Server administrative functions. Administrator roles are used to control access to WebSphere Application Server administrative functions. There are four roles: administrator, configurator, operator and monitor.Users assigned to the configurator role can perform all of the day-to-day configuration tasks including installing and uninstalling applications, assigning users and groups to role mapping for applications, setting run-as configurations, setting up Java 2 security permissions for applications, and customizing Common Secure Interoperability Version 2 (CSIv2), Security Authentication Service (SAS), and Secure Sockets Layer (SSL) configurations.
Before you assign users to administrative roles (administrator, configurator, operator, and monitor), you must set up your user registry, which can be Lightweight Directory Access Protocol (LDAP), local OS, or a custom registry. You can set up your user registries without enabling security.
After you assign users to administrative roles, you must restart the Deployment Manager for the new roles to take effect. However, the administrative resources are not protected until you enable security.
Related concepts
Role-based authorization
Access control exception
Administrative console and naming service authorization
Related tasks
Assigning users and groups to roles
Assigning users to RunAs roles
Related reference
syncNode command
startNode command