Managing permissions
Permission assignments to roles control access to components and content. Permissions are controlled via two areas in :
- You manage permissions to the grid through the Grid Manager Administration:Grid Permissions tab.
- You manage permissions to the repository and repository content through the Repository Manager Manage Permissions tab.
Groups on these tabs are aligned with roles.
To manage permissions, you must assign permissions to roles. Users assigned to the roles will then have permission to use the components associated with their roles.
Note
If a user is associated with more than one role, the user is granted the most permissive permissions. If a user is not associated with a role, that user is automatically assigned the Default role and is granted the default permissions.
By default, provides the AoAdmin and Default permission groups. Both the groups have full access to the repository and to the grid. AoAdmin is a hard-coded group and is not used to administer the system.
Recommendation
BMC recommends that you not associate any users with the AoAdmin role (the default aoadmin user is assigned to that role) and only use this role to unlock the grid if you accidentally remove all the permissions.
To manage permissions for Remedy Single Sign-On (Remedy SSO or RSSO)
- In Remedy SSO you should have already completed the following tasks (described in Creating and managing local users and roles in Remedy Single Sign-On for details).
- Create roles, then create local users and assign them to roles.
or... - Set up LDAP configuration for your LDAP groups.
- Create roles, then create local users and assign them to roles.
- In
Grid Manager and Repository Manager complete the following tasks (described in this section).
- Create groups that have the same names as your RSSO roles or LDAP groups.
- Assign repository and grid permissions to the groups.
After completing these tasks, users assigned to the Remedy SSO roles or LDAP groups have permission to use the components associated with their roles/groups.
Comments
Log in or register to comment.