new_role
Use the new_role
command to create a new role for the current zone and set the new role as the currently selected role in memory. The new role has no field values set. The new_role
command does not save the new role to Active Directory. To save the new role, you must use save_role
. If you don’t save a new role, it will disappear when you select another role or when the ADEdit session ends.
You can only use the new_role
to create a role if the currently selected zone is a classic4 or hierarchical zone. The command does not work in other types of zones.
Zone type
Classic and hierarchical
Syntax
new_role name
Abbreviation
newr
Options
This command takes no options.
Arguments
This command takes the following argument:
Argument | Type | Description |
name |
string |
Required. Specifies the name to assign to the new role. |
Return value
This command returns nothing if it runs successfully.
Examples
new_role customerservice
This example creates a new role named customerservice
in the current zone.
Related commands
Before you use this command, you must have a currently selected zone stored in memory. The following commands enable you to view and select roles:
- get_roles returns a Tcl list of roles in the current zone.
- list_roles lists to
stdout
the roles in the current zone. - select_role retrieves a role from Active Directory and stores it in memory.
After you have a role stored in memory, you can use the following commands to work with that role:
- add_command_to_role adds a UNIX command to the current role.
- add_pamapp_to_role adds a PAM application to the current role.
- delete_role deletes the selected role from Active Directory and from memory.
- get_role_apps returns a Tcl list of the PAM applications associated with the currently selected role.
- get_role_commands returns a Tcl list of the UNIX commands associated with the current role.
- get_role_field reads a field value from the currently selected role.
- list_role_rights returns a list of all UNIX commands and PAM application rights associated with the current role.
- remove_command_from_role removes a UNIX command from the current role.
- remove_pamapp_from_role removes a PAM application from the current role.
- save_role saves the selected role with its current settings to Active Directory.
- set_role_field sets a field value in the currently selected role.