Add flexibility and power to traditional group-based authorization models
Roles provide a rich and flexible authorization mechanism when delegating tasks to users or Help Desk staff. Traditionally, roles are based on group membership and are applied to a specific feature to allow a user access to that feature - if they are a member of the appropriate group.
rDirectory expands on the familiar group-based authorization model by adding the ability to define access based on three role types.
- Group-Based Roles - Similar to the default authorization model, group-based roles are supported for any security groups in Active Directory.
- Relationship-Based Roles - Custom expressions are used to leverage existing relationships in the directory when delegating tasks to users.
- Claim-Based Roles - Custom Expressions allowing a user to utilize the value of a specific attribute to access information.
Using rDirectory’s role-based access controls, you can confidently delegate to your users the routine tasks that typically consume valuable IT and Help Desk time.