The System Security Officer or user can determine whether to activate roles granted by default at login.
Roles must be active to have the access privileges of each role. Depending on the default set for a role, the role may or may not be active at login.