Assigning user roles

Ops Center Administrator User Guide

Version
10.9.x
File Size
6.6 MB
Audience
anonymous
Part Number
MK-99ADM001-17

After adding an external AD source to Ops Center Administrator, you can assign Ops Center Administrator roles to user groups.

You can assign more than one role to a user group. In this case, the users in the group will have permissions for multiple roles.

After a role is assigned to a user group, you can change the role assignment and save it.

Note: A user with the following roles can run any task in Storage Navigator launched from Ops Center Administrator:
  • System Administrator
  • Storage Administrator
  • Security Administrator

Verify that you added an account domain as described in Adding an account domain.

  1. Click Settings and select Security Settings to open the Security window.
  2. In the Group Name field, type in a user group name from the account domain. Partial matches automatically populate the field.
  3. In the User Role field, select an Ops Center Administrator user role:
    • SecurityAdministrator: Includes privileges needed for the following:
      • Addition, administration, and deletion of remote account domains.
      • User role assignment to groups.
      • Read-only privileges to monitor everything in Ops Center Administrator.
    • SystemAdministrator: Includes privileges needed for the following:
      • Addition, administration, and deletion of servers, storage, and fabric switches, onboarding of storage (block storage with or without NAS modules), SNMP manager, and tier management.
      • Addition, administration, and deletion of parity groups and port configurations.
      • Addition, administration, and deletion of virtual file server resource groups.
      • Read-only privileges to monitor everything in Ops Center Administrator.
    • StorageAdministrator: Includes privileges needed for storage provisioning and data protection:
      • Addition, administration, and deletion of pools.
      • Addition, administration, and deletion of volumes, including creating, attaching to servers, and data protection.
      • Read-only privileges to monitor everything in Ops Center Administrator.
    • MonitoringRole: Read-only privileges to monitor everything in Ops Center Administrator.
  4. Click Submit.
    The changes take effect immediately. Roles of the accounts related to the updated user group that are currently logged in will be updated from the next login.
As an example, let's say that there is a user group named "IT" in the account domain with members that must perform security functions in Ops Center Administrator. To assign security administration privileges to all members of the "IT" group, assign the User Role "SecurityAdministrator" to the group.