Domain administrators interact with Unwired Platform to manage domain artifacts such as packages, subscriptions, connections, and so on.
Sybase Control Center limits access to domain administrator to only those domains that the login has been assigned access to. This requires the platform administrator to:
- Register users’ logins as domain administrators.
- Assign the necessary physical role to the domain administrator login in the underlying security provider in the admin security configuration.
- Enforce the authorization control by mapping the physical role to the ‘SUP Domain Administrator’ logical role in the admin security configuration in the default domain in Sybase Control Center.
By default the supDomainAdmin login can be used to access the
default domain. Setup requirements vary depending on the environment you administer:
- If you are administering a personal or enterprise development environment or an OpenDS LDAP server, the login is already configured with the SUP Domain Administrator physical role. This phyisical role is then automatically mapped to the SUP Domain Administrator logical role in the admin security configuration in the default domain.
- If you are administering a deployment environment, you must set up the physical role mapping for the SUP Domain Administrator logical role and ensure that the logins that need domain administration access are assigned membership to one of the mapped physical roles. Once that is configured, only logins with the mapped physical role have access to Unwired Server as domain administrator.
Note: Sybase recommends that you reserve the default domain for internal use, and do not share it with tenants.