Page tree
Skip to end of metadata
Go to start of metadata

role is a set of activities that a user can perform. A user can have one or more roles, and every role is assigned one or more activity.

To manage and assign roles for user accounts from the TrueSight Capacity Optimization Console, go to Administration > Users > Roles. The Roles page shows a summary table listing the currently defined user roles, their description, and the associated LDAP groups, if applicable. From this page you can add, edit, or delete user roles.

Each user can have different activities (access rights) associated with his account. An activity can be, for example, the ability to create a new model or analysis, or the ability to configure a domain. As single users may need to perform several activities, all privileges can be aggregated into custom groups called roles.

Available roles

User accounts may have one or more of the following roles:

administrator

The user is allowed to perform any activity on the BMC TrueSight Capacity Optimization Console.

reporter

The user is allowed to create, modify and run standard reports.

analyzer

The user is allowed to create, modify and run analyses of system performances and business drivers.

configurator

The user is allowed to configure domains and systems and business drivers.

modeler

The user is allowed to create, modify and run models.

enterprise reporter

The user is allowed to create, modify, upload and run enterprise reports.

To view details of a role

  1. Select Administration > Users > Roles.
    The Roles page shows a summary table listing the currently defined user roles, their description, and the associated Atrium SSO or LDAP groups (external names), if applicable.
  2. Click the role name whose details you want to view.
    The detail page for the selected role is displayed in the working area, listing all activities assigned to the role.

To add a role

  1. Select Administration > Users > Roles.
  2. In the Roles page, click Add role and enter the following information:

    FieldDescription
    NameType unique name for the role.
    DescriptionType description for the role.
    Role AssignmentSelect any one:
    • Assign this role by default to all users: To assign this role to all users on their login.
    • Assign this role automatically to external users having external group names matching the below list: To assign this role on login to the external users that have external names matching with the names specified in the External names box. Users are assigned this role on their login. When you select this option, the External names box is enabled.
    External namesIf you have external authentication (Atrium SSO or LDAP), you can specify the names of Atrium SSO or LDAP groups to associate with this role, separated by a semi-colon (";").
    ActivitiesFrom the list of Available activities, select one or more (Click, Ctrl+click or Click+drag) activities to associate with the role, and then click .
    The activities you selected are added to Selected.
    When you add the User accounts - Edit or User access groups - Edit to the Selected list, the User roles/access groups edit restrictions field is displayed. The User roles/access groups edit restrictions field enables you to control the creation of users based on roles and/or access groups. To control the creation of users, you can:
      • Allow user creation/edit with any role (default):Click to toggle to Restrict user creation/edit based on the following roles, and select one or more roles (Click, Ctrl+click or Click+drag) which will be allowed to create users, and click .
      • Allow user creation/edit with any access group (default): Click to toggle to Restrict user creation/edit based on the following access groups, and select one or more access groups (Click, Ctrl+click or Click+drag) which will be allowed to create users, and click .
      

  3. Click Save.
    The Activities table is displayed that lists all activities you selected, and a description for each one of them. See Out-of-the-box roles and Built-in roles and activities for more information on all available activities.
    You can also Edit or Delete your current role. 

To edit or delete a role

You can edit a role to change the activities associated with it, or delete a role.

To edit a role

  1. Select Administration > Users > Roles.
    The Roles page is displayed.
  2. To edit a role, do one of the following:
    • In the Roles page, click the role name that you want to edit.
    • In the Roles page, click edit this role corresponding to the role you want to edit.
  3. In the Edit role page, edit the required properties and click Save

To delete a role

  1. Select Administration > Users > Roles.
    The Roles page is displayed.
  2. To delete a role, do one of the following:
    • In the Roles page, click the role name that you want to delete. The role is deleted.
    • In the Roles page, click delete this role corresponding to the role you want to delete. Click Proceed to delete the selected role.

Out-of-the-box roles

The following table lists the out-of-the-box roles that are available in the TrueSight Capacity Optimization console:

RoleDescription
ADMINAll activities.
API-CLIENTProvides access to Web service API.
INVESTIGATE-EDITORProvides access to Investigate.
REPORTS-READERProvides read-only access to Reports.
REPORTS-EDITORProvides view and edit access to Reports.
RESERVATIONS-ALLProvides view and edit access to Reservations.
TSPS_Capacity_AdministrationProvides access to the Administration section of Capacity Views in TrueSight Presentation Server.
TSPS_Capacity_ViewProvides access to Capacity Views in TrueSight Presentation Server.
VIEWS-READERProvides access to Views.
VIEWS-EDITORProvides view and edit access to Views.
VIRTUAL PLANNING-EDITORProvides access to Virtual Planner.
WORKSPACE-READERProvides access to the Workspace area in the Console.
WORKSPACE-EDITORProvides view and edit access to the Workspace area in the Console.

For the activities assigned to these roles, see Built-in roles and activities in BMC TrueSight Capacity Optimization.

Built-in roles and activities in TrueSight Capacity Optimization

The following table lists the built-in activities and the built-in roles to which they are assigned:

Built-in activity

Description

Assigned to built-in roles

WEB_ANALYZE

View analyses saved in the Works folder

  • ADMIN
  • WORKSPACE-READER
  • WORKSPACE-EDITOR

WEB_MODEL

View models saved in the Works folder

  • ADMIN
  • WORKSPACE-READER
  • WORKSPACE-EDITOR

WEB_CONFIGURE

View active systems and business drivers associated with one or more domains

  • ADMIN
  • WORKSPACE-READER
  • WORKSPACE-EDITOR

WEB_RM

Access the Resource Monitor node in Administration

  • ADMIN
  • WORKSPACE-READER
  • WORKSPACE-EDITOR

WEB_EVENTS

Access the Event Manager node in Administration

  • ADMIN
  • WORKSPACE-READER
  • WORKSPACE-EDITOR

WEB_MODEL_EDIT

Add, edit and delete models

  • ADMIN
  • WORKSPACE-EDITOR

WEB_ANALYZE_EDIT

Add, edit and delete analyses

  • ADMIN
  • WORKSPACE-EDITOR

WEB_CONFIGURE_EDIT

Add, edit and delete domains, systems and business drivers

  • ADMIN
  • WORKSPACE-EDITOR

WEB_RM_EDIT

Add, edit and delete monitors and alert rules in Resource Monitor

  • ADMIN
  • WORKSPACE-EDITOR

WEB_EVENTS_EDIT

Add, edit and delete event rules in Event Manager

  • ADMIN
  • WORKSPACE-EDITOR

WEB_REPORT

View reports saved in Works

  • ADMIN
  • REPORTS-READER
  • REPORTS-EDITOR

WEB_REPORT_SEC

Access Reports

  • ADMIN
  • REPORTS-READER
  • REPORTS-EDITOR

WEB_REPORT_EDIT

Add, edit and delete reports

  • ADMIN
  • REPORTS-EDITOR

WEB_REPORT_PUBLISH

Publish or unpublish reports

  • ADMIN
  • REPORTS-EDITOR

WEB_DASHBOARD

Access the Console Views tab

  • ADMIN
  • VIEWS-READER
  • VIEWS-EDITOR

WEB_ADMIN_DASHBOARD

Have administrator privileges to views

  • ADMIN
  • VIEWS-EDITOR

WEB_ADMIN_GM_VIEW

View General Manager

N/A

WEB_ADMIN_GM_EDIT

Make changes using General Manager

N/A

WEB_ADMIN_EDIT

Edit the following Administration properties:

  • System > Configuration
  • System > Maintenance
  • Data warehouse
  • Scheduler > Instances
  • Data hub
  • Template management

ADMIN

WEB_ADMIN_TASKS_EDIT

Edit the following Administration properties:

  • Scheduler > Task groups
  • Scheduler > System tasks
  • Scheduler > ETL tasks

ADMIN

WEB_ADMIN_BENCHMARKS_EDIT

Edit the following Administration property: Benchmark management

ADMIN

WEB_ADMIN_REPORTING_EDIT

Edit the following Administration properties:

  • Tag management > Tagging rules
  • Advanced reporting

ADMIN

WEB_ADMIN

Access the Administration section

ADMIN

WEB_ANALYZE_TEMPLATE_EDIT

Add, edit and delete analysis templates

ADMIN

WEB_CALENDAR_EDIT

Modify the Administration calendar

ADMIN

WEB_CONFIGURE_ALL

Access the All Systems and Business Drivers node (inactive, dismissed or newly discovered entities)

ADMIN

WEB_GLOBAL_FILTER_EDITAllow user to add/edit global filtersN/A

WEB_ADMIN_USERS_ACGROUPS_ASSIGNABLE

Manage user access groups from the Administration section

ADMIN

WEB_ADMIN_USERS_ASSIGNABLE

Manage user accounts from the Administration section

ADMIN

WEB_ADMIN_USERS_ROLES_ASSIGNABLE

Manage user roles from the Administration section

ADMIN

API_CHARGEBACKAccess the Chargeback section
  • ADMIN
  • API-CLIENT
API_DATAAccess the data section
  • ADMIN
  • API-CLIENT
API_RESERVATIONEnable access to Reservation APIADMIN
API_SEARCHAccess the search section
  • ADMIN
  • API-CLIENT
API_TF_MODELEnable access to Time forecasting model API
  • ADMIN
  • API-CLIENT
WEB_ADMIN_AUTENTICATION_EDIT

Edit the following Administration section: Authentication

ADMIN
WEB_ADMIN_ETLAccess to administration ETLADMIN
WEB_ADMIN_TASKHave administration privileges to taskADMIN
WEB_CONFIGUREAccess to Configuration tabADMIN
WEB_REPORT_GLOBAL_CREATORAccess to Report Global CreatorADMIN
WEB_VPAccess to the Virtual PlannerADMIN

Note

Apart from roles and activities assigned by the administrator, access to items in any Works folder is also controlled by access modes configured by the owner.

 

1 Comment

  1.