• Spaces
  • Collections
  • Help
    • ×
     
     
    •  
    BMC TrueSight Operations Management 10.0

    Page tree

    Unsupported content

     

    This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

    Authorization profiles provide role-based access control by associating users who belong to one or more user groups with specific roles and objects. The default authorization profiles are created during the installation of the Presentation Server component. 

    This topic contains the following information about authorization profiles:

    By default, any user who is a member of the Administrators user group can create, edit, and delete authorization profiles. 

    Tip

    The easiest way to edit an authorization profile is to modify one or more of its components.

    For example, you might grant access permission to Central Monitoring Administration for the Event Administrator role. Any of the authorization profiles that included that role are affected by the change in permissions.


    Prerequisite tasks

    Managing users and user groups

    Managing roles

    Specifying objects

    Creating, editing, and deleting PATROL Agent ACLs

    Authorization profile tasks

    From the Authorization Profiles page, you can complete the following tasks:

    Create authorization profiles

    Edit and delete authorization profiles

    Authorization profile components

    Authorization profiles comprise user groups, roles, and objects, which you specify or select when creating or editing the profile. You cannot create or modify these required components when creating or modifying an authorization profile. 

    Default authorization profiles and authorization profiles created in the BmcRealm are accessible to other tenants. 

    The following diagram and table describe the required components and show their relationship to an authorization profile. 

     

     

    ComponentDetails
    User groups

    A named collection of users. You can associate multiple user groups with an authorization profile. You can also associate a user group to more than one authorization profile.

    For environments with multiple tenants, an authorization profile can contain user groups from multiple tenants, but each user group must contain users from a single tenant.

    If an authorization profile contains only one user group and if that user group is deleted in BMC Atrium Single Sign-On, actions on the authorization profile fail. You have to edit the authorization profile to add a different user group or delete the authorization profile.

    RolesRoles comprise collections of permissions that permit or deny a user to access features or perform actions in Operations Management product components.
    Objects(Optional) Administrators can choose from a list of objects present in Operations Management and then associate the selected objects with the authorization profile.

    You can create or configure the authorization profile components in any order, but you cannot create an authorization profile without them.

    Default authorization profiles

    The following persona-based authorization profiles are created in the Presentation Server for the BmcRealm during the installation of the TrueSight Presentation Server component:

    • Solution Administrator
    • Technology Specialist
    • Application Specialist–Applications
    • Application Specialist–Services
    • Service Manager
    • IT Operations User
    • Executive

    Editing options

    From the Authorization Profiles page in the Operations Management console, you can add new authorization profiles by accessing the action menu from the page heading. You can modify or delete an existing authorization profile by selecting its action menu. 

    Related topics

    Managing users and user groups

    Managing users and access control

    Role-based access

    Creating, editing, and deleting PATROL Agent ACLs

    Unauthorized error in the console

    1 Comment

    1. Melody Locke

       

    © Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.