8 Replies Latest reply on Mar 4, 2014 2:47 PM by Adam Stephen

    Role Based Access in NPM & SAM

    mphalak

      Hello ...

       

      I want to create role based access to users, so basically need on group with only capabilities to do discovery only no other management capabilities, how can I achieve this ?

      Any help appreciated.

       

      Thanks

        • Re: Role Based Access in NPM & SAM
          salating

          Granular access restrictions like you are wanting to do is not possible at this time. There was a feature request somewhere to have more options in creating restrictions for users to do certain tasks.

          • Re: Role Based Access in NPM & SAM
            aLTeReGo

            Are you referring to node discovery or application discovery? Application discovery is already a granular permission granted by the SAM Admin user role. Node discovery is a function of the Node Management permission.

            • Re: Role Based Access in NPM & SAM
              Adam Stephen

              mphalak,

               

              To restrict rights to only a scan based role is not possible depending on what type of scan you are referring to.  For a nodes scan salanting is correct that is part of the Node Management and Admin roles.  If you are referring to NCM and IPAM you can select the proper role for those and apply it to a AD you add into SolarWinds.  Hope this helps.  you can absolutely vote the feature up so they can see more interest.

               

              Hope that helps,

              Adam Stephen

              Loop 1 Systems

              Remote Engineer Level 2

              www.loop1systems.com

                • Re: Role Based Access in NPM & SAM
                  mphalak

                  So we have two groups IT Infra team and IT support so I want to give admin role to IT Infr and just ability to discover nodes to IT support is possible to get this granular ?

                   

                    • Re: Role Based Access in NPM & SAM
                      Adam Stephen

                      mphalak,

                       

                      You can give the one group the admin role and not the other.  There is not right management for only scans but the scan feature is part of the admin role.  So you could give the IT Infr the Admin role and not the other group.  The other option is if you know who in the IT Support role is supposed to have the scan right you could give them admin only as a single user.  The ability to delete and modify nodes is a separate right which is call Node Management.  Sorry it is not exactly the answer you are looking for but hoe it help.

                       

                      Regards,

                      Adam Stephen

                      Loop 1 Systems

                      Remote Engineer Level 2

                      www.loop1systems.com

                        • Re: Role Based Access in NPM & SAM
                          mphalak

                          Thanks Adam. So like you mentioned can I give a user fro IT Support Admin role but not access to Node Management I believe thats part for admin role right

                            • Re: Role Based Access in NPM & SAM
                              Adam Stephen

                              mphalak,

                               

                              You can give them admin access, however once you have, they can give themselves what ever rights they want including node management.  The admin role gives them access to all the settings for the main orion  page as well as any subsequent products you own.  Be very carful who you give Admin to.  So the person with this role should be a lead or trusted individual.  Keep in mind any actions they make are recorded as a audit events.  This means you can track what changes they make such as un-managing a node, deleting an interface , etc.

                               

                               

                              Regards,

                              Adam Stephen

                              Loop 1 Systems

                              Remote Engineer Level 2

                              www.loop1systems.com

                              1 of 1 people found this helpful