new_role

Use the new_role command to create a new role for the current zone and set the new role as the currently selected role in memory. The new role has no field values set. The new_role command does not save the new role to Active Directory. To save the new role, you must use save_role. If you don’t save a new role, it will disappear when you select another role or when the ADEdit session ends.

You can only use the new_role to create a role if the currently selected zone is a classic4 or hierarchical zone. The command does not work in other types of zones.

Zone type

Classic and hierarchical

Syntax

new_role name

Abbreviation

newr

Options

This command takes no options.

Arguments

This command takes the following argument:

Argument	Type	Description
name	string	Required. Specifies the name to assign to the new role.

Return value

This command returns nothing if it runs successfully.

Examples

new_role customerservice

This example creates a new role named customerservice in the current zone.

Related commands

Before you use this command, you must have a currently selected zone stored in memory. The following commands enable you to view and select roles:

• get_roles returns a Tcl list of roles in the current zone.
• list_roles lists to stdout the roles in the current zone.
• select_role retrieves a role from Active Directory and stores it in memory.

After you have a role stored in memory, you can use the following commands to work with that role:

• add_command_to_role adds a UNIX command to the current role.
• add_pamapp_to_role adds a PAM application to the current role.
• delete_role deletes the selected role from Active Directory and from memory.
• get_role_apps returns a Tcl list of the PAM applications associated with the currently selected role.
• get_role_commands returns a Tcl list of the UNIX commands associated with the current role.
• get_role_field reads a field value from the currently selected role.
• list_role_rights returns a list of all UNIX commands and PAM application rights associated with the current role.
• remove_command_from_role removes a UNIX command from the current role.
• remove_pamapp_from_role removes a PAM application from the current role.
• save_role saves the selected role with its current settings to Active Directory.
• set_role_field sets a field value in the currently selected role.