CdmRole

Represents a authentication and privilege elevation role. This object is only applicable in hierarchical zones. The following properties are defined for this object.

Property Type Description

AllowLocalUser

Boolean

True if the role can be assigned to a local user.

AuditLevel

string

Audit setting for this role.

CustomAttributes

string

Custom text strings for the role.

Description

string

Description of the role.

HasRescueRight

Boolean

True if this role can operate without being audited in case of audit system failure.

Name

string

Name of the role.

PreferredServer

string

Preferred server to use for committing changes to Active Directory.

TimeBox

Hashtable

Active time of the role.

RequireMfa

Boolean

True if the role requires multi-factor authentication.

UnixSystemRights

string[]

UNIX system rights granted to the role.

WindowsSystemRights

string[]

Windows system rights granted to the role.

Zone

CdmZone

Containing zone.