Table of ContentsView in Frames

Modifying an existing role or its capabilities

You can modify an existing role's capabilities or its comments.

About this task

When you use the useradmin role modify command to modify an existing role, whatever capabilities were previously assigned to that role are replaced with the capabilities you supply in the command.

Steps

  1. Enter the following command:
    useradmin role modify role_name [-c comments] -a capability1[,capability2...] [-f]

    role_name is the name of the role that you want to modify.

    comments is a short string you can use to document this role.

    The capability parameters are the types of access you want to grant to this role.

    The -f option forces the change without a warning.

    Example

    The following command line assigns the role “class2loginrights” telnet capabilities, console login capabilities, and all CLI capabilities, while removing any other capabilities that the role was granted previously.

    useradmin role modify class2loginrights -c “This role is for telnet and console logins” -a login-telnet,login-console,cli-*

  2. To verify the success of the operation, enter the following command:
    useradmin role list role_name

    The capabilities allowed for the specified role are listed.