Defined roles in IDM are just that, roles that are defined by an IDM user. Defined roles are a powerful mechanism that makes it easy to enable access to the proper LC hosts and groups based on the user's project. When a new person is added to a project, they only need to be added to the associated defined role, which would then automatically grant all of the needed host and group permissions.  

Creating a Defined Role

An LC Coordinator can request the creation of a new defined role by sending a request to the LC IDM team at The information needed for a request includes:

  • The name of the role
  • Which networks the role is needed in (OCF, SCF, SNSI)
  • The LC groups and LC hosts which are associated with the role (i.e., the access being granted by membership in the role)
  • The ouns of the people who can approve membership changes for this role
  • Required membership traits (e.g., US citizen, Q-Clearance)

Adding or Removing Members of a Defined Role

See IDM—Add or Remove Role Members to manage role membership.