After adding an external AD source to Ops Center Administrator, you can assign Ops Center Administrator roles to user groups.
You can assign more than one role to a user group. In this case, the users in the group will have permissions for multiple roles.
After a role is assigned to a user group, you can change the role assignment and save it.
Note: A user with the following roles can run any task in
Storage Navigator launched from
Ops Center Administrator:
- System Administrator
- Storage Administrator
- Security Administrator
- Click Settings and select Security Settings to open the Security window.
-
In the
Group Name field, type in a user group name from the account domain. Partial matches automatically populate the field.
-
In the
User Role field, select an
Ops Center Administrator user role:
- SecurityAdministrator: Includes privileges needed for the following:
- Addition, administration, and deletion of remote account domains.
- User role assignment to groups.
- Read-only privileges to monitor everything in
Ops Center Administrator.
- SystemAdministrator: Includes privileges needed for the following:
- Addition, administration, and deletion of
servers, storage, and fabric switches, onboarding of storage (block
storage with or without NAS modules), SNMP manager, and
tier management.
- Addition, administration, and deletion of
parity groups and
port configurations.
- Addition, administration, and deletion of virtual file server
resource groups.
- Read-only privileges to monitor everything in
Ops Center Administrator.
- StorageAdministrator: Includes privileges needed for storage provisioning and data protection:
- Addition, administration, and deletion of pools.
- Addition, administration, and deletion of volumes, including creating, attaching to servers, and data protection.
- Read-only privileges to monitor everything in
Ops Center Administrator.
- MonitoringRole: Read-only privileges to monitor everything in
Ops Center Administrator.
-
Click
Submit.
The changes take effect immediately. Roles of the accounts related to
the updated user group that are currently logged in will be updated from the
next login.
As an example, let's say that there is a user group named "IT" in the account domain with members that must perform security functions in Ops Center Administrator. To assign security administration privileges to all members of the "IT" group, assign the User Role "SecurityAdministrator" to the group.