Unsupported contentThis version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Managing authorization profiles

Authorization profiles provide role-based access control by associating users who belong to one or more user groups with specific roles and objects. The default authorization profiles are created during the installation of the Presentation Server component. 

This topic contains the following information about authorization profiles:

By default, any user who is a member of the Administrators user group can create, edit, and delete authorization profiles. 

Tip

The easiest way to edit an authorization profile is to modify one or more of its components.

For example, you might grant access permission to Central Monitoring Administration for the Event Administrator role. Any of the authorization profiles that included that role are affected by the change in permissions.

Prerequisite tasks

Managing-users-and-user-groups

Managing-roles

Specifying-objects

Creating-editing-and-deleting-PATROL-Agent-ACLs

Authorization profile tasks

From the Authorization Profiles page, you can complete the following tasks:

Create authorization profiles

Edit and delete authorization profiles

Authorization profile components

Authorization profiles comprise user groups, roles, and objects, which you specify or select when creating or editing the profile. You cannot create or modify these required components when creating or modifying an authorization profile. 

Default authorization profiles and authorization profiles created in the BmcRealm are accessible to other tenants. 

The following diagram and table describe the required components and show their relationship to an authorization profile. 

 

authorizationProfile.png

 

You can create or configure the authorization profile components in any order, but you cannot create an authorization profile without them.

Default authorization profiles

The following persona-based authorization profiles are created in the Presentation Server for the BmcRealm during the installation of the TrueSight Presentation Server component:

  • Solution Administrator
  • Technology Specialist
  • Application Specialist–Applications
  • Application Specialist–Services
  • Service Manager
  • IT Operations User
  • Executive

Editing options

From the Authorization Profiles page in the Operations Management console, you can add new authorization profiles by accessing the action menu from the page heading. You can modify or delete an existing authorization profile by selecting its action menu. 

authProfilePage.png

Related topics

Managing-users-and-user-groups

Managing-users-and-access-control

Role-based-access

Creating-editing-and-deleting-PATROL-Agent-ACLs

Unauthorized-error-in-the-console

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*