Adding and managing roles


role is a set of activities that a user can perform. A user can have one or more roles, and every role is assigned one or more activity.

To manage and assign roles for user accounts from the TrueSight Capacity Optimization console, go to Administration > Users > Roles. The Roles page shows a summary table listing the currently defined user roles, their description, and the associated LDAP groups, if applicable. From this page you can add, edit, or delete user roles.

Each user can have different activities (access rights) associated with the user account. An activity can be, for example, the ability to create a new model or analysis, or the ability to configure a domain. A single user might need to perform several activities. Therefore, all privileges can be aggregated into custom groups called roles.

Default roles

Some default roles are available out-of-the-box when you install or upgrade to the current product version. For the list of default roles, see Default-users-and-user-groups.

To view details of a role

  1. Log in to the TrueSight Capacity Optimization.
  2. Select Administration > Users > Roles.
    The Roles page shows a summary table listing the currently defined user roles, their description, and the associated Remedy SSO (local or integrated LDAP) groups as external names, if applicable.
  3. Click a role name.
    The detail page for the selected role is displayed listing all activities assigned to the role. 

To add a role

  1. Log in to the TrueSight Capacity Optimization.
  2. Select Administration > Users > Roles.
  3. On the Roles page, click Add role. 

    add_role.png
  4. In the Add role window, add the required details:

  5. Click Save.
    The role is added to the roles list on the Roles page.


Example scenario: Assign read-only access to Chargeback API

Alan is an administrator of TrueSight Capacity Optimization. He wants to grant read-only permission to a user group for accessing the Chargeback API.

Alan performs the following steps:

  1. Create a user group and add users.

    1. Log in to the Remedy Single Sign-On Server.
    2. Create a user group (for example, Chargeback_Consumers) and add the required users.

    For more information about creating users and user groups, see Configuring-users-and-user-groups.

  2. Create and configure a role.
    1. Log in to the TrueSight Capacity Optimization console.
    2. Click Administration > USERS > Roles > Add role.
    3. Specify a role name and a description.
    4. Select Assign this role automatically to external users having external group names matching the below list.
    5. In the External names field, specify the group name you created in the Remedy Single Sign-On Server to associate with the role. For example, Chargeback_Consumers
    6. Under Activities, select Read access to Chargeback API from the Available list, and click >> >> to move it to the Selected list.
    7. Save the changes.

The users who belong to the Chargeback_Consumers group can now access the Chargeback API to retrieve the information. To provide similar read-only access to a new user, Alan can create the user and add it to the Chargeback_Consumers group.

To edit or delete a role

You can edit a role to change the activities associated with it or delete a role.

To edit a role

  1. Select Administration > Users > Roles.
    The Roles page is displayed.
  2. To edit a role, do one of the following:
    • On the Roles page, click the role name that you want to edit.
    • On the Roles page, click edit icon.pngedit this role corresponding to the role you want to edit.
  3. On the Edit role page, edit the required properties and click Save

To delete a role

  1. Select Administration > Users > Roles.
    The Roles page is displayed.
  2. To delete a role, do one of the following:
    • On the Roles page, click the role name that you want to delete. The role is deleted.
    • On the Roles page, click delete.pngdelete this role corresponding to the role you want to delete. Click Proceed to delete the selected role.


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*