Background:
We have two network teams- Core - full access to routers & switches.
Access Team- access to only switches for config purposes and the ability to SSH to a switch.
Wanted resolution:
The ability to see routers on the new Orion maps for up/down and visibility status.
They can be allowed to see routers in lists- even NPM stats- but we don't want to let them see configs.
I used "ACCOUNT LIMITATIONS" to drop all routers.
Result, this also took visibility from Orion Maps- this is desired.
They cannot see links from switches to routers- this is desired.
Using ACCOUNT LIMITATIONS was not ideal.
We have a folder of switches and routers.
It would be nice to be able to select the created group of "Routers" and "Switches" rather than to have to click all the way through inventory, which was a large task for this organization.
-We have a naming convention of s1, s2, s3 for our switch stacks. In trying to allow permissions and wanting to make it dynamic, I tried a wildcard of *s1* and it did not pull anything. I also saw there were only 3 account limitations allowed. This is not good for when I need to allow *u* for UPS.
In need of assistance with:
Is there way to let them have full node visibility, but access to switch configs only?
Is there a way to choose a folder group in, "ACCOUNT LIMITATIONS" or better use of wildcard?
I really wish there was a way to copy a user account for a new user account- is there?
Thank you,
Jamie
