Hello all

I have one remaining question regarding RBAC since we will start
migrating to AIX 6.1 in Q4 of 2008.
Since we are using LDAP users, does this mean that whenever you give a
role to an LDAP user, the LDAP user gets the role for all AIX 6.1
What I am currently searching for is a replacement for SUDO, which
allows you to grant access to command A on node X but not on node Y.
So my question is, is this granularity possible with RBAC in AIX 6.1,
giving f.e. the FSChange role to LDAP user X where user X can do
FSChange related commands on node A but node on node B?

Thanks a lot!