Based upon the above attribute descriptions and functions, specific roles might be granted the following permissions:
Complete SecureLogin Management:
protocom-SSO-Auth-Data = Read and Write
protocom-SSO-Entries = Read and Write
protocom-SSO-Entries-Checksum = Read and Write
protocom-SSO-Security-Prefs = Read and Write
protocom-SSO-Security-Prefs-Checksum = Read and Write
Script, Credentials, and Clear Object Data administration:
protocom-SSO-Auth-Data = Read and Write
protocom-SSO-Entries = Read and Write
protocom-SSO-Entries-Checksum = Read and Write
Depending on the needs of your organization, these permissions can be assigned to specific users or groups at an organizational unit level. The following discussion demonstrates the creation of a SecureLogin Administration group and the delegation of permissions to an organizational unit that is one level below the top level organizational units in the Directory hierarchy.