Add role assignments to the computer role

If you have created the appropriate Active Directory groups and role definitions that you want to assign, you can now assign the roles to set of users as required.

To add role assignments to users in Active Directory groups:

  1. Expand the computer role you just created, for example, expand OracleServers.
  2. Select Role Assignments, right-click, then click Assign Role.
  3. Select the role definition from the list of roles, then click OK.

    For example, select the Oracle_DBAs role definition. By default, the role is set to start immediately and never expire. You can set a Start time, End time, or both start and end times for the role assignment. For example, if the role applies to a contractor who will be hired for a specific amount of time and you want to automatically disable the role after they finish the job and leave the organization, you can specify the start and end times when you assign the role.

  4. Select whether the role assignment applies to all Active Directory accounts, all local accounts, or specific Active Directory and local accounts, then click OK to complete the role assignment.

    For example, to assign the Oracle_DBAs role to the Active Directory OracleServers_Role_DBAs security group, click Add AD Account. You can then select Group to search for the group, select it from the results, then click OK.

  5. Repeat Step 1 through Step 4 for each group that you want to add to this computer role. For example, repeat the steps to assign the Oracle_AppUsers role to the OracleServers_Role_AppUsers security group and the Oracle_Backup role to the OracleServers_Role_Backup security group.

  6. Select the Role Assignments node to see all of the role assignments you have defined for groups associated with the computer role.

  7. Select the Members node to see the computers or groups of computers to which the role assignments apply.