Hello,

This has to do with standard eDirectory rights assigned for Public. By default Public has browse rights from tree root. Either
remove the Browse right or set IRF's to the containers where roles, requests etc is stored.

This has been discussed in the forum a couple of times. Try searching for trustee or public.

Best regards,
Tobias
On 2012-06-27 10:36, sma wrote:
>
> I did a fresh install of IDM 4.01 + RBAC and it works fine, but I don't
> understand why any users can see all roles and resources when he goes to
> Work Dashboard -> Roles Assignments -> Assign roles :
>
> Here he can see all roles, included system roles.
>
> Off course, if a user wants to assign himself a System role the error
> message is : " Error: Failed to create 1 role assignment request(s).
> You are unauthorized for this operation." but I would prefer that only
> the roles and resources he is authorized to, are visible .
>
> I guess there is a rights configuration problem somewhere, but I don't
> find where.
>
> Any idea ?
>
> Thanks
>
> Sylvain
>
>