
Multi-tenant Orion

Ultimately I would like to see Orion and by association all related modules become a multi-tenant solution.  This would include a permission system and restriction system that would allow for setting up environments unique to each organization or group of users.  Having the ability to put organizations in a restricted environment in Orion with the option to control their ability to view only or even add systems, monitors, etc.

This functionality would be nice for both internal departments as well as external customers.  One product that does a very good job of this is ScienceLogic EM7.  With not many products in the market offering powerful multi-tenant capabilities this would certainly set Orion apart from the rest in this regard.

  • Hi Byrona,

    I think we have implemented something similar to what you are describing with View limitations, poller separation and AD groups.

    We have a group of views that certain users can see and have those users grouped by AD group.

    Is this similar to what you are talking about?

    Maybe I am just missing the point?

  • I would be interested in hearing more about your specific configuration for this, specifically the poller separation part.

    We are using Orion in a multi-tenant setup now using account limitations.

    What I am looking for with this request is progression toward a very robust multi-tenant environment where I can define organizations, assign administrators within an org. and then they can create and manage users, systems, alerts, etc within the limitations of their org.

  • Hi Byrona,

    How we do it is as follows:

    AD group called 'Domain/Department_Admin'

    This user then has the ability to add and remove devices within their own department but not within anyone else's.  This is limited using an account limitation.

    The challenge that we haven't nailed as of yet is as follows:

    We can't limit their Administrative rights for adding and removing users to their users only.

    We can't limit them to a specific poller.

    We can't give them administrative rights to views that are specific to that department.

    So in summary - We can limit what they can get to but we are having to allow them admin back end based on trust they won't edit users and the rights.  We can however stop them editing other departments' nodes.

  • While I appreciate your suggestion, this doesn't allow the true multi-tenancy functionality I am looking for.

    We are poised to sell a ton of monitoring services using Orion thus requiring us to purchase more product from SolarWinds.  We just re-launched our website which contains an entirely new service catalog and one of the core services is our Monitoring with our 24x7x365 NOC.  We are in customer engagements multiple times a week where monitoring services are on the table.

    What I am trying to say is that if Orion would beef up the multi-tenancy functionality, specifically allowing me to have more control over what I can restrict customers to see (across all modules) then we could be selling a lot more of this stuff.  Customers see it and really want it, I would like to be able to provide it.

    Please SolarWinds, help me out here!

  • Agreed.

    Also AD integration only works for internal groups.
    If a customer is accessing Orion over the Internet, then using AD integration is not an option, unless the Orion server joins the customer's domain internally somehow.
    Most companies would not allow this in any case.



  • Please SolarWinds, help me out here!



    I wish SolarWinds would help us all out.  This is functionality we need as well.  It would definitely take a lot of the workload off of me if I could dole out admin functions to individuals in specific groups and they didn't have the same admin rights that I have.  

    The other piece that I don't think was mentioned was the ability to determine what an Administrator has done on the system.  I would like some log kept of everything an Administrator does on the system.

    Regards,

    Robert