Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Managing permissions

Permissions determine the BMC Atrium Orchestrator components that you can access.

To manage permissions, you must first create permission groups that are applicable to your environment in BMC Atrium Single Sign-On. Then, you assign user accounts to their respective groups.

Next, you create similar groups and user accounts in BMC Atrium Orchestrator. You manage permissions to the grid through the Grid Manager Administration:Grid Permissions tab. Likewise, you manage permissions to the repository and to the repository content through the Repository Manager Manage Permissions tab.

In Grid Manager and Repository Manager, permissions are assigned against groups. If a user is a member of more than one group, the user is granted the most permissive permissions. If a user is not assigned to any group, that user is automatically a member of the Default group and is granted the default permissions.

By default, BMC Atrium Orchestrator provides the AoAdmin and Default permission groups. Both the groups have full access to the repository and to the grid. AoAdmin is a hard-coded group and is not used to administer the system.

Recommendation
  • No user be a member of the AoAdmin group except the AoAdmin default user and that this group be used only to unlock the grid if you accidentally remove all the permissions.
  • After installing the primary CDP, remove the following permissions from the Default group: Development Studio, Grid Administration, and Grid Management.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*