Important

   

Starting version 8.9.03, BMC Network Automation is renamed to TrueSight Network Automation. This space contains information about BMC Network Automation 8.9.02 and previous versions. For TrueSight Network Automation 8.9.03 and later releases, see the TrueSight Network Automation documentation.

Roles and permissions

This topic describes the roles assigned to the user accounts for authentication and how those roles authorize access to the product and product features:

Related topics
 Where to find more information

BMC Network Automation roles

All users must have a valid user name and password to access the system. During installation, the administrator specifies whether users are authenticated locally (default), or authenticated through a Microsoft Active Directory, OpenLDAP, RADIUS, or TACACS+ server. The authentication method is also extended to the URL in-context launches and web services APIs. Independent of the authentication method, each user is assigned one or more roles that grant or deny system and network rights. Network rights are assigned to realms. The system includes a set of default roles. The system administrator can modify these roles and create new roles. The default set of roles include:

  • Viewer: Can view reports and database information, but cannot modify the database or device configurations.
  • Manager: Same as Viewer, but can also manage jobs.
  • Planner: Same as Manager, but can also manage network-related components (for example devices, groups, policies).
  • Administrator: Including all system administration tasks on the Admin tab. All rights are granted to this user.

Essential user activity is logged to the Event log, including log on and log off, database management, and device configuration management.

The following table provides a list of the common types of users who use BMC Network Automation, and how they interact with the product.

Title

Skills

Interaction with BMC Network Automation

Infrastructure Manager

  • System administration
  • Database administration

Responsible for certifying and maintaining the BMC Network Automation application (sizing, database backup, purging, and so forth)

BMC Network Automation Administrator

  • XML
  • Java regex
  • Basic scripting

Responsible for defining rules, user roles within the product, policies, custom actions, and device adapters

Network Administrator

  • Network engineering

Specific to BMC Cloud Lifecycle Management; responsible for network pod and container design

BMC Network Automation User – Network Admin/Ops

  • Network operations

Prescriptive operations and break/fix remediations of routers and switches

BMC Network Automation User – Server Admin/Ops

  • Server operations and administration

Prescriptive network path provisioning in support of server provisioning

BMC Network Automation User – Security Ops

  • Network security operations and engineering

Responsible for monitoring and managing firewalls

BMC Network Automation Super User

BMC Network Automation user with access to multiple sites and/or realms

IT Manager

Viewing Priority, Status, Activity, and Support reports

Permissions

BMC Network Automation must be installed by an administrator on Microsoft Windows or by a root user on Linux. 

If you are using an external database (rather than the embedded PostgresSQL database included with BMC Network Automation), you will also need database system administrator credentials during installation. See Preparing for installation for more information.

After installation, the BMC Network Automation administrator can set the user roles, rights, and privileges of users of BMC Network Automation. These users can be ordinary users of the underlying operating system. See Managing access.

Was this page helpful? Yes No Submitting... Thank you

Comments