beautypg.com

Operator role and group, Service group – H3C Technologies H3C Intelligent Management Center User Manual

Page 36

background image

20

Operator role and group

Access to IMC functions can be granted or restricted according to operator roles. IMC has the following

operator roles with different management privilege levels: administrator, maintainer, and viewer. The

administrator has the right of Operator Management to modify the management privileges of the
maintainer and viewer roles.
An operator group and all its operators are granted management privileges by the operator role. For

more information about operator groups, see H3C IMC Base Platform Administrator Guide.

Service group

The Service Group function is provided in UAM to grant or restrict access to IMC functions based on

service groups. The service groups to which IMC functions are assigned can be configured with specific

operators for group management.
An administrator can specify a service group for a function module. A maintainer or viewer can only

select a service group they can manage for a function module. For more information about service

groups, see H3C IMC User Access Manager Administrator Guide.

Decentralized management by operator and service groups

The operator groups and service groups both affect operators' permissions. The management rights of an

operator are determined by the following:

Operator group to which the operator belongs.

Service groups the operator can manage.

Table 9

and

Table 10

are examples of operator and service groups. The service groups are created by

Operator A.

Table 9 Operator groups and management rights

Operator Role

Operator group

Management rights

Operator A

Administrator

Administrator
group

The operator has the following management rights:

IMC Platform > Resource > System > Operator

Management

UAM > User > Service Group >

View/Add/Modify/Delete

EAD > User > User Security Policy > Security Policy >

View/Add/Modify/Delete

EAD > User > User Security Policy > Registry
Control > View/Add/Modify/Delete

Operator B1 Maintainer

Maintainer group
B1

The operator has the following management rights:

EAD > User > User Security Policy > Security Policy >

View/Modify

EAD > User > User Security Policy > Registry

Control > View/Add/Modify/Delete

See also other documents in the category H3C Technologies Safety: