Adding and managing roles

role is a set of activities that a user can perform. A user can have one or more roles, and every role is assigned one or more activity.

To manage and assign roles for user accounts from the TrueSight Capacity Optimization console, go to Administration > Users > Roles. The Roles page shows a summary table listing the currently defined user roles, their description, and the associated LDAP groups, if applicable. From this page you can add, edit, or delete user roles.

Each user can have different activities (access rights) associated with the user account. An activity can be, for example, the ability to create a new model or analysis, or the ability to configure a domain. A single user might need to perform several activities. Therefore, all privileges can be aggregated into custom groups called roles.

Support for granting read or write privileges to the public APIs is available only when you apply Service Pack 1 (11.5.01) of TrueSight Capacity Optimization 11.5.


Default roles

Some default roles are available out-of-the-box when you install or upgrade to the current product version. For the list of default roles, see Default users and user groups.

To view details of a role

  1. Log in to the TrueSight Capacity Optimization.
  2. Select Administration > Users > Roles.
    The Roles page shows a summary table listing the currently defined user roles, their description, and the associated Remedy SSO (local or integrated LDAP) groups as external names, if applicable.
  3. Click a role name.
    The detail page for the selected role is displayed listing all activities assigned to the role.

To add a role

  1. Log in to the TrueSight Capacity Optimization.
  2. Select Administration > Users > Roles.
  3. On the Roles page, click Add role. 


  4. In the Add role window, add the required details:

    FieldDescription
    NameType a unique name for the role.
    DescriptionType a description for the role.
    Role AssignmentSelect one of the role assignments:
    • Assign this role by default to all users: Select to assign this role to all users after their login.
    • Assign this role automatically to external users having external group names matching the below list: Select to associate the role with external users after their login. In the External names box, specify the names of external users or user groups. For example, user groups created in the Remedy Single Sign-On Server.
    Activities

    From the list of Available activities, select one or more (Click, Ctrl+click or Click+drag) activities to associate with the role, and then click >>. The selected activities are added to Selected.
    When you add the User accounts - Edit or User access groups - Edit to the Selected list, the User roles/access groups edit restrictions field is displayed. This field enables you to restrict the creation of users based on roles and/or access groups as follows:

      • Allow user creation/edit with any role (default):Click to toggle to Restrict user creation/edit based on the following roles, and select one or more roles that are permitted to create users.
      • Allow user creation/edit with any access group (default): Click to toggle to Restrict user creation/edit based on the following access groups, and select one or more access groups that are permitted to create users.

  5. Click Save.
    The role is added to the roles list on the Roles page.


 Example scenario: Assign read-only access to Chargeback API

Alan is an administrator of TrueSight Capacity Optimization. He wants to grant read-only permission to a user group for accessing the Chargeback API.

Alan performs the following steps:

  1. Create a user group and add users.
    1. Log in to the Remedy Single Sign-On Server.
    2. Create a user group (for example, Chargeback_Consumers) and add the required users.
    For more information about creating users and user groups, see Configuring users and user groups.
  2. Create and configure a role.
    1. Log in to the TrueSight Capacity Optimization console.
    2. Click Administration > USERS > Roles > Add role.
    3. Specify a role name and a description.
    4. Select Assign this role automatically to external users having external group names matching the below list.
    5. In the External names field, specify the group name you created in the Remedy Single Sign-On Server to associate with the role. For example, Chargeback_Consumers
    6. Under Activities, select Read access to Chargeback API from the Available list, and click >> >> to move it to the Selected list.
    7. Save the changes.

The users who belong to the Chargeback_Consumers group can now access the Chargeback API to retrieve the information. To provide similar read-only access to a new user, Alan can create the user and add it to the Chargeback_Consumers group.

To edit or delete a role

You can edit a role to change the activities associated with it or delete a role.

To edit a role

  1. Select Administration > Users > Roles.
    The Roles page is displayed.
  2. To edit a role, do one of the following:
    • On the Roles page, click the role name that you want to edit.
    • On the Roles page, click edit this role corresponding to the role you want to edit.
  3. On the Edit role page, edit the required properties and click Save

To delete a role

  1. Select Administration > Users > Roles.
    The Roles page is displayed.
  2. To delete a role, do one of the following:
    • On the Roles page, click the role name that you want to delete. The role is deleted.
    • On the Roles page, click delete this role corresponding to the role you want to delete. Click Proceed to delete the selected role.

Was this page helpful? Yes No Submitting... Thank you

Comments