Groups
This is a group of users, the members of which will receive the authorization policy defined for the particular group.
A group is made up of User accounts.

Steps:

1. Create a new Group.

2. You'll be asked to type in a group name and description.

3. Then you can define the members of this group

Roles

A role is defined by the permissions that are required to perform a task/action.

Steps:

1. Select New Role Definition to create a new role definition

2. The Role Definition dialog box will appear, and you will need to define a name for the role, a description (if desired)

Creating Role Assignments

After you have defined roles, you can then create role assignments. This is a way of associating groups (of users) with roles that you have defined.
The members in that group will be associated with the role you have defined, and will be authorized to perform the tasks that are part of that role.

Steps:

1. Select a Group in the Group viewer.

1. Right click on the selected Group and choose the Select Assign Roles command.

2. In the Add Role dialog box, add the roles assigned to the Group.

Role assignment is possible for Users to. Repeat the above steps from the User viewer.

These operations are available only for users in the Administrators group.