Page tree
Skip to end of metadata
Go to start of metadata

The Users node in the Administration tab enables you to manage every aspect of user authorization and role-based access control (RBAC) in TrueSight Capacity Optimization through the definition of user roles, user accounts, and access groups.

Security is enforced at different levels throughout TrueSight Capacity Optimization. Users need an account to access the TrueSight Capacity Optimization Console; this means that each user needs a unique and authorized username and password that should not be shared with other users.

Depending on user privileges and permissions, each user can access different sections of the console and view different types of information as per his authorization level. The permissions management system is based on the concepts of user roles and access groups, in short: role-based access controlYou can create as many roles as necessary and grant them to selected user accounts.

Roles only limit the TrueSight Capacity Optimization functionalities a user can access; in order to restrict user access to particular applications and data, access groups should be used. An access group lists all the applications and reports that users are authorized to access. A user can belong to one or more access groups.

Related topics

Securing communication between product components using TLS

Administering the TrueSight Capacity Optimization environment

Configuring the Presentation Server to authenticate users in Atrium Single Sign-On

Role-based access in the Presentation Server


If you have integrated TrueSight Capacity Optimization with Atrium Single Sign-On, users of other BMC products that have been integrated with Atrium Single Sign-On can access TrueSight Capacity Optimization. You cannot manage these user accounts using the TrueSight Capacity Optimization Console. For information about managing users in Atrium Single Sign-On, see the Atrium Core technical documentation.

Defining RBAC in TrueSight Capacity Optimization

To learn how to create and manage user accounts, roles, access groups, and to define role-based access control in TrueSight Capacity Optimization, see:

Administering multiple tenants or customers using RBAC

TrueSight Capacity Optimization administrators can use the TrueSight Capacity Optimization RBAC system to manage multiple tenants or customers by assigning specific activities and specific access groups to specific roles. If necessary, TrueSight Capacity Optimization administrators can create roles and activities to tailor the RBAC system to suit your needs.

However, when you are managing multiple tenants or customers, the following apply to your TrueSight Capacity Optimization deployment:

  • All of the data for the TrueSight Capacity Optimization deployment is stored in a single database, and TrueSight Capacity Optimization implements security at the user authentication level.
  • The TrueSight Capacity Optimization administrator manages the following entities:
    • Data connectors
    • Global objects such as time filters and entity filters
    • All collected data until it is moved into the domain hierarchy
  • The TrueSight Capacity Optimization administrator retains all user, role, and access group administration functions. Individual customers cannot have their own tenant administrators.

Related topics

Configuring user authentication

Security considerations for TrueSight Capacity Optimization