beautypg.com

About user roles – HP XP Command View Advanced Edition Software User Manual

Page 80

background image

Permissions and management roles

In addition to the built-in account (user ID:

System

), there are permissions that grant access to all

Replication Manager functions. Permissions can be allocated in any combination, but are broad in
nature and do not control access to individual functions. The following table groups the permissions
into two categories known as management roles.

Description

Permission

Management
role

This role permits the user to log in to and use all P9000 Command
View AE Suite products and to set up users. By default, users who
have the Admin (user management) permission cannot perform any
Replication Manager operations other than user management. To
perform other operations, such users must be granted the Replication
Manager Management permissions.

Admin

User Management

This role is used to set up Replication Manager resources and the
accessible ranges (resource groups) for all users, including oneself.
This role also permits the user to perform all administrative tasks
within the resource groups except specifying user settings.

Admin

Replication Man-
ager Management

This role permits the user to manage the resources in resource groups
set up by users who have the Admin permission of the Replication
Manager Management role.

Modify

This role permits the user to view the resources in resource groups
set up by users who have the Admin permission of the Replication
Manager Management role.

View

User roles

User roles permit more granular assignment of privileges to users (access to specific functions in
Replication Manager rather than entire areas of administration). For example, one user can be
authorized to create backups (replicas), but not restore them. To understand user roles and how they
are assigned, see “

About user roles

” on page 80 and

About permissions and user roles

” on page 82.

Resource groups

In addition to management roles and user permissions, access control is implemented in the form of
resource groups, which restrict the range of resources that specific users can access. For details, see

Relationships between resource groups and user permissions

” on page 88.

Related topics

Explorer menu items for user management

, page 340

Changing user roles

, page 342

User management functions

, page 339

About user roles

User roles make it possible to grant privileges that are more granular than permissions. Rather than
blanket privileges like Admin, each user role has a specific set of operations that are permitted. Roles

Setting up authorities

80