Overview of Operators
This section describes operators for subscribers and subscriptions. You can also configure operators for various SRC components. For information about setting up a multilayered access control scheme for operators, see SRC-PE Integration Guide, Chapter 8, Access Control Scheme.
In relation to subscribers and subscriptions, an operator is an object in the directory that represents an IT manager in an organization or a manager who works for a wholesaler and has control over all retailers. Retailers, subscriber folders, enterprises, sites, and accesses can support one or more operators.
When you add an enterprise with SDX Admin, the software creates a default operator for that enterprise. You can add additional operators for enterprises and create operators for retailers, subscriber folders, sites, and accesses.
You can also add an operator that has control over all retailers. See Operators That Control All Retailers.
Operator Read Privileges
Operators have privileges to read:
- The objects they control
- Parent subscribers, up to the retailer
- Subscriptions of parent subscribers, up to the retailer
- All objects that represent services, service scopes, policies, and global variables that are defined for the subscriber to which the operator is added
Operator Management Privileges
You can specify one or more management privileges for operators. If you do not specify privileges for an operator, the operator has only read privileges. The default operator that SDX Admin adds to an enterprise has the highest privilege level, called administrator. Table 8 shows the privilege levels and the privileges associated with the levels.
Add, delete, and modify substitutions in subscribers and subscriptions
An operator has management privileges for its associated subscriber and for that subscriber's subordinate objects. For example, operators in an enterprise have control over the enterprise and all sites and accesses in the enterprise. Similarly, operators in a site have control over the site and all accesses it contains. Operators in an access have control over only that access.
For example, in the directory shown in Figure 3, the operator substitutionMgr:
- Can manage substitutions of the site called Ottawa and its subordinate objects.
- Has read access to all services, service scopes, policies, and global variables that are defined for the site called Ottawa.
- Has read access to the site called Ottawa and its subordinate objects.
- Has read access to the parent subscribers: the enterprise ABCInc, the subscriber folder local, and the retailer default.
- Has read access to the subscriptions of the parent subscribers.
![]()