General roles are the default role type, whose permissions are automatically applied (if applicable) to all objects in Micetro, present and future.
To create a General role, follow the instructions on roles, and select the General type from the dropdown in the role creation dialog.
Example: The general role DNS editor has the permission Edit zone
options enabled. Any DNS zone-type object in Micetro, whether
existing or future, will be accessible to users/groups assigned to this role.
Built-in roles
Micetro has nine built-in general roles that cover most access control use cases. Built-in roles cannot be deleted, but their permissions can be modified. These roles include the following:
- Administrators
- Full access to all objects
- DNS Administrators
- Full access to DNS objects, including zones, DNS servers, etc.
- DHCP Administrators
- Full access to DHCP objects, including scopes, DHCP servers, etc.
- IPAM Administrators
- Full access to IPAM objects, including IPAM ranges, etc.
- User Administrators
- Full access to User and Group objects.
- DNS viewers
- Can view DNS objects and information, but cannot make changes.
- IPAM viewers
- Can view IPAM and DHCP objects and information, but cannot make changes.
- Requesters
- Can make and queue DNS change requests. Refer to Workflow.
- Approvers
- Can view and approve/deny submitted DNS change requests. Refer to Workflow.