= Authorization Overview Once the server has been installed and tested, the next step is to define local authorization rules or policies. These policies control who is authenticated and what actions they are authorized to perform. The creation and maintenance of these policies is often the most complicated and time consuming part of the job of an administrator. As there is little documentation available to guide policy creation, this is usually a frustrating experience for administrators. A set of methods that allow administrators to quickly create policies that are well understood and therefore safe to use are also described below.