The TKE comes with IBM-supplied role definition files for each of the IBM-supplied roles that can be created on a TKE. When a TKE workstation crypto adapter is initialized, the IBM-supplied roles are created from the IBM-supplied definition files.
Guideline: To preserve the ability to restore IBM-supplied roles to their default settings, do not update IBM-supplied role definition files.
When a TKE workstation crypto adapter is initialized for use with passphrase profiles, five roles are created. The following table shows the names of the IBM-supplied role definition files that are used to create the roles.
| TKE Release | DEFAULT | KEYMAN1 | KEYMAN2 | TKEADM | TKEUSER |
|---|---|---|---|---|---|
| TKE 5.0 to 6.0 | default.rol | keyman1.rol | keyman2.rol | tkeadm50.rol | tkeuser42.rol |
| TKE 7.0 | default_70.rol | keyman1_70.rol | keyman2_70.rol | tkeadm_70.rol | tkeuser_70.rol |
| TKE 7.1 | default_71.rol | keyman1_71.rol | keyman2_71.rol | tkeadm_71.rol | tkeuser_71.rol |
| TKE 7.2 | default_72.rol | keyman1_72.rol | keyman2_72.rol | tkeadm_72.rol | tkeuser_72.rol |
| TKE 7.3 | default_73.rol | keyman1_73.rol | keyman2_73.rol | tkeadm_73.rol | tkeuser_73.rol |
| TKE 8.0 | default_80.rol | keyman1_80.rol | keyman2_80.rol | tkeadm_80.rol | tkeuser_80.rol |
When a TKE workstation crypto adapter is initialized for use with smart card profiles, three roles are created. The following table shows the names of the IBM-supplied role definition files that are used to create the roles.
| TKE Release | DEFAULT | SCTKEADM | KEYMAN2 |
|---|---|---|---|
| TKE 5.0 to 6.0 | tempdefault.rol | sctkeadm50.rol | sctkeusr.rol |
| TKE 7.0 | tempdefault_70.rol | sctkeadm_70.rol | sctkeusr_70.rol |
| TKE 7.1 | tempdefault_71.rol | sctkeadm_71.rol | sctkeusr_71.rol |
| TKE 7.2 | tempdefault_72.rol | sctkeadm_72.rol | sctkeusr_72.rol |
| TKE 7.3 | tempdefault_73.rol | sctkeadm_73.rol | sctkeusr_73.rol |
| TKE 8.0 | tempdefault_80.rol | sctkeadm_80.rol | sctkeusr_80.rol |