You cannot currently do this today, this is an open enhancement request. Currently you can only give a user one of 4 roles which gives them different permissions within IPAM to do things, but they can see everything.
We need to be able to limit what departments can see what subnets. Is there a fast/easy way to generate multiple reports automatically (have a /16 that needs to be broken into /24s and smaller), so we can drop different reports into specific departmental folders?
Have you tried creating custom reports in the Report Writer? You can use this to create custom reports that meet your specific needs. You can also convert these reports to web resources in Orion.
Yes, I can do that. But we have a two /16's and a /8's split into many, many /23s through /30s. With different departments needing to see different networks. Manually creating individual reports for each network will take an unreasonable amount of of time to complete.
Understandable. It would help if you could walk me through the steps of how you would envision being able to accomplish this without having to create each report individually. This is an interesting idea...
Add a check box to a network's, supernet's and group's properties to make available via report. Then add a reports directory drop down like the account view builder uses.
Would also add an option in the settings to apply report settings to all, so that someone could turn them all on or off at once, then could pick specific to turn on or off from that network's properties.
Finally, add the option to have the add report toggled on or off by default.
It's a little rough, but similar to what's below:
This is fantastic. Looks like you've been moonlighting as a UI designer. :-)
Seriously though, this is great feedback.
user who needs the ability to set manually IP Addresses as Used or Reserved, or
even type information about the devices on the IPAM IP table.
It’s not always
you’ll have just one team or one person managing all the IP Addresses in a
imagine doing this on 16000 IP addresses or more without delegate the function
to the many branches or department that are part off company? Can you imagine
having several teams accessing all the IP Group folders on IPAM? It’s almost
impossible to consolidate the IP manage without setting permissions to the
folders or the many subnets of a particular branch.
its filters might help on some way, but it does not solve the problem as it is
on large environments where you need multiple Admin users.
This is why
I do support this feature request. IPAM needs the give the Administrator users
to set which IP Group Folder can be fully managed by an Orion IPAM User.
this is something we are actually working on I'd like to contact you offline and show you what we have in Beta according to enhanced users limitations.