Page tree

Skip to end of metadata
Go to start of metadata

The Users node in the Administration tab lets you manage every aspect of user authorization and role-based access control in BMC TrueSight Capacity Optimization through the definition of user roles, user accounts, and access groups.

Security is enforced at different levels throughout BMC TrueSight Capacity Optimization. Users need an account to access the BMC TrueSight Capacity Optimization Console; this means that each user needs a unique and authorized username and password that should not be shared with other users.

Depending on user privileges and permissions, each user can access different sections of the console and view different types of information as per his authorization level. The permissions management system is based on the concepts of user roles and access groups, in short: role-based access controlYou can create as many roles as necessary and grant them to selected user accounts.

Roles only limit the BMC TrueSight Capacity Optimization functionalities a user can access; in order to restrict user access to particular applications and data, access groups should be used. An access group lists all the applications and reports that users are authorized to access. A user can belong to one or more access groups.

Note

If you have integrated BMC TrueSight Capacity Optimization with BMC Atrium Single Sign-On (SSO), users of other BMC products that have been integrated with BMC Atrium SSO can access BMC TrueSight Capacity Optimization. You cannot manage these user accounts using the BMC TrueSight Capacity Optimization Console. For information about managing users in BMC Atrium SSO, see BMC Atrium Core technical documentation.

Defining role-based access control (RBAC) in BMC TrueSight Capacity Optimization

To learn how to create and manage user accounts, roles, access groups, and to define role-based access control in BMC TrueSight Capacity Optimization, see:

Administering multiple tenants or customers using role-based access control (RBAC)

BMC TrueSight Capacity Optimization administrators can use the BMC TrueSight Capacity Optimization role-based access control (RBAC) system to manage multiple tenants or customers by assigning specific activities and specific access groups to specific roles. If necessary, BMC TrueSight Capacity Optimization administrators can create roles and activities to tailor the RBAC system to suit your needs.

However, when you are managing multiple tenants or customers, the following apply to your BMC TrueSight Capacity Optimization deployment:

  • All of the data for the BMC TrueSight Capacity Optimization deployment is stored in a single database, and BMC TrueSight Capacity Optimization implements security at the user authentication level.
  • The BMC TrueSight Capacity Optimization administrator manages the following entities:
    • Data connectors
    • Global objects such as time filters and entity filters
    • All collected data until it is moved into the domain hierarchy
  • The BMC TrueSight Capacity Optimization administrator retains all user, role, and access group administration functions. Individual customers cannot have their own tenant administrators.

Related topics

LDAP

Security