OpManager's user management feature helps you maintain stringent access control over your network. You can configure user roles with access to specific functionalities. You can later create user profiles and associate them with the respective user roles.
There are three types of User Roles in OpManager:
Administrator Users have unrestricted access to perform read/ write operations in OpManager. They add/remove devices, troubleshoot issues, change configurations and more without any limitations i.e they have complete access.
Operator Users have read-only/ restricted access in OpManager. They can be granted further access by the Administrator User.
The level of access for users across different modules and add-ons in OpManager can be customized individually through Custom User Roles. The different levels of access that can be provided in OpManager for users through custom roles include: Read/Write, Read and No Access.
The following are the three different types of authentication in OpManager.
These are the users that are created locally in the product. The credentials for this user are created locally and stored in the server. The password can be changed by the user and it can also be reset by an Administrator User.
These are the users which are authenticated based on the credentials present in the domain. If Auto-login is enabled during AD configuration, then the user will be created automatically during the first login.
There are users which are authenticated based on the credentials present in the radius server. Radius users should be created in OpManager during Radius configuration.
Administrators can assign the following data scopes to users during user creation/update.
All devices:Access to users is either provided for all devices by selecting the "All devices" option during user creation (both for Administrator User and Operator User) or it can be provided for selective devices based on the available business views by choosing the "Selected Business Views" option. In addition to this, access to add-on modules can be customized individually for seperate users in the Scope tab while creating a new User.
Business views: Users can only access devices available in the Business view. They can view dashboards, alarms, and reports, but the data will be limited to the devices in their Business views. A user can be associated with multiple Business views.
To learn more about Business Views, please click here.
Device Groups: From version 128451, users will only have access to devices within the associated Device Groups. They can access dashboards, alarms, and reports, but the data will be limited to the devices in those groups. Users can be associated with multiple Device Groups or parent Groups. Click here to learn more about Groups.
Interface Groups: This user will have access only to the interfaces within their associated Interface Groups. For more information about the scope of Interface Groups, click here.
The following table outlines the access levels for different user roles across various modules, highlighting the permissions available for Business View users, Device Group users, and Interface Group users.
| Module | Access for BV Users | Access for Device Group Users | Access for Interface Group Users |
|---|---|---|---|
| Dashboard |
|
|
|
| Inventory |
|
|
|
| Alarms |
|
|
|
| Maps |
|
|
|
| Reports |
|
|
|
| Settings |
|
|
|
| Workflow |
|
|
|
| New Device Discovery |
|
|
|
| Device/Interface Templates & New Monitors Creation |
|
|
|
| Reports: Scheduling Reports & Advanced Reports |
|
|
|
| Groups |
|
|
|
| Business Views |
|
|
|
Thank you for your feedback!
