beautypg.com

6 users and authorizations, User configuration rights, Users and authorizations tabs – HP Systems Insight Manager User Manual

Page 123: Users and authorizations

background image

6 Users and authorizations

NOTE:

Users

that have been added to the

Central Management Server

(CMS) cannot view or manage

systems until

authorizations

have been configured for them.

NOTE:

HP-UX and Linux-provided command line tools, such as ls and df, are run as root by default. For

security reasons, you might want them to run as a specific user to avoid permitting unintended capabilities
to a user.

HP Systems Insight Manager (HP SIM) enables you to configure authorizations for specific users or user
groups. Authorizations give the user access to view and manage systems. Each authorization specifies a
user or user group, a toolbox, and a system or system group. The specific set of tools that can be run against
a system is specified in the assigned toolbox.

It is important that you plan which systems each user is going to manage and which specific set of

tools

the

users are authorized to execute against the managed systems. A user with no toolbox authorizations on a
system cannot view or manage that system.

Authorizations are additive. If a user is authorized on Toolbox1 on a system and is also authorized for
Toolbox2 on the same system, the user is authorized for all tools in both Toolbox1 and Toolbox2 on that
system. Similarly, a user authorized for the All Tools toolbox needs no other toolbox authorization on that
system because the All Tools toolbox always includes all tools.

See these general steps as a guideline for setting up user names and authorizations in the following sections:

1.

“Configuring automatic discovery”

2.

“Creating new users”

3.

“Creating new user groups”

4.

“Creating new toolboxes”

5.

“Creating new authorizations”

User configuration rights

HP SIM provides the following configuration rights:

Full configuration rights. Enables total user control of the

database

. Users can run

discovery

of systems

and

data collection

; define users and authorizations; set

Cluster Monitor

configuration; configure

licensing and protocol settings; and create, modify, delete, and run reports, snapshot comparisons,
tools, custom tools, events, automation tasks, and so on.

Limited configuration rights. Enables the user to create, edit, and delete reports (including predefined
reports).

No configuration rights. Enables the user to view and run predefined reports on systems they have been
authorized to view only. A user without configuration rights cannot execute any actions to affect the
system

database

.

Users and authorizations tabs

The Users and Authorizations tabs offer the following options:

Add, edit, and delete users and user groups, and view and print user reports. Select
Options

SecurityUsers and AuthorizationsUsers.

Add, edit, and delete toolboxes, and view and print toolbox reports. Select Options

SecurityUsers

and Authorizations

Toolboxes.

Add and delete authorizations, and view and print authorization reports. Select
Options

SecurityUsers and AuthorizationsAuthorizations.

User configuration rights 123