Maps Restriction

Brian,

If I understand you correctly, your city/office maps have a Visio of the LAN as the background image for the map.  That background image has the information you don't want to be seen by the wrong user.  If that is the case, the only way I would know how to solve the problem would be to create two additional maps, one for each company and create a new Menu Bar for each company that only loads the appropriate map for that company.  You would assign the users to the Menu Bar for their company in their user account settings. 

That's probably not the answer you were looking for, since it sounds like you have some pretty detailed maps.  There might be a better way to do this, but that's the only way I can think of off the top of my head. 

Actually, this scenario should be an excellent candidate for the use of account limitations in Orion. If you configure each user account with a node group limitation, the map will reflect that limitation in one of two ways. You can set the map to look the same for each user, but a given user will not have drill down access to nodes that the acct limitation restricts. You may also set the map to physiucally remove node icons that the user does not have access to.

Are you familiar with the process of setting up an account limitation?

Actually, this scenario should be an excellent candidate for the use of account limitations in Orion. If you configure each user account with a node group limitation, the map will reflect that limitation in one of two ways. You can set the map to look the same for each user, but a given user will not have drill down access to nodes that the acct limitation restricts. You may also set the map to physiucally remove node icons that the user does not have access to.

Are you familiar with the process of setting up an account limitation?

To kweise - You understood it perfectly and thank you for the reply. That is what I was affraid of what had to be done. Just a big task initially.

To borgan - I am familiar with the process of setting up account limitations for indvidual routers/switches/etc. but not for whole maps.  I would ideally love to be able to do account restrictions for a whole map in the same manner as an individual node or group of nodes. I have looked and not quite sure how that is possible. Just to make sure you were clear on what I was asking for is that I need the point of restriction to hit when they click on a map. In this case a state or a city from a specific state.  I have them restricted on the nodes so they can not drill down on detail for those.

Well, you could use the custom properties of city, state, etc to construct custom account limitations so that a user could only see and/or drill down to modes that are part of that group on a map. Am I getting closer? Or, are you saying that you don't even want the map to display if the user has no nodes of interest on that map?

That is correct, I don't want them to be able to see the map at all as it has the layout of the LAN for that specific site (that they have no control over or need to see anything about it). There is no real sensitive information such as usernames or passwords but it is how everything is connected with IPs.

Well, then I don't think there is any way to prevent a sublevel map from displaying altogether that I know of. You can try creating a node group account limitation consisting of all noes on a map and see what happens when the user drills down from the map level above, but I have not ever tried it. I'll test it out on my end and see what happens.

Hmmm, I am surprised they would not have a solution in place for this.  Perhaps in the future. I will just have to create duplicate maps and restrict them to just seeing the duplicate ones.

Anyone else have any ideas?