Role object management commands

You can use the following role object commands to create, select, save, and delete role objects and manage role properties in the currently selected zone.

Command	Description
add_command_to_role	Adds a privileged command to the currently selected role.
add_pamapp_to_role	Adds a PAM application right to the currently selected role.
delete_role	Deletes the selected role from Active Directory and from memory.
get_role_apps	Returns a Tcl list of the PAM applications associated with the currently selected role.
get_role_commands	Returns a Tcl list of the privileged commands associated with the currently selected role.
get_role_field	Returns the value for a specified field from the currently selected role.
get_roles	Returns a Tcl list of roles in the current zone.
list_role_rights	List all privileged commands and PAM applications associated with the currently selected role in `stdout`.
list_roles	Lists all roles in the currently selected zone along with object data for each role in `stdout`.
new_role	Creates a new role and stores it in memory as the currently selected role.
remove_command_from_role	Removes a privileged command from the currently selected role.
remove_pamapp_from_role	Removes a PAM application from the currently selected role.
save_role	Saves the selected role with its current settings to Active Directory.
select_role	Retrieves a role from Active Directory and stores it in memory as the selected role.
set_role_field	Sets the value for a specified field in the currently selected role.