HP SIM V5.1 User Guide (356920-009, January 2007)

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager 5.x HP-UX Software

121

122

123

124

125

126

127

128

129

130

6 Users and authorizations

NOTE:

Users

that have been added to the

Central Management Server

(CMS) cannot view or manage

systems until

authorizations

have been configured for them.

NOTE: HP-UX and Linux-provided command line tools, such as ls and df, are run as root by default. For

security reasons, you might want them to run as a specific user to avoid permitting unintended capabilities

to a user.

HP Systems Insight Manager (HP SIM) enables you to configure authorizations for specific users or user

groups. Authorizations give the user access to view and manage systems. Each authorization specifies a

user or user group, a toolbox, and a system or system group. The specific set of tools that can be run against

a system is specified in the assigned toolbox.

It is important that you plan which systems each user is going to manage and which specific set of

tools

the

users are authorized to execute against the managed systems. A user with no toolbox authorizations on a

system cannot view or manage that system.

Authorizations are additive. If a user is authorized on Toolbox1 on a system and is also authorized for

Toolbox2 on the same system, the user is authorized for all tools in both Toolbox1 and Toolbox2 on that

system. Similarly, a user authorized for the All Tools toolbox needs no other toolbox authorization on that

system because the All Tools toolbox always includes all tools.

See these general steps as a guideline for setting up user names and authorizations in the following sections:

1. “Configuring automatic discovery”

2. “Creating new users”

3. “Creating new user groups”

4. “Creating new toolboxes”

5. “Creating new authorizations”

User configuration rights

HP SIM provides the following configuration rights:

• Full configuration rights. Enables total user control of the

database

. Users can run

discovery

of systems

and

data collection

; define users and authorizations; set

Cluster Monitor

configuration; configure

licensing and protocol settings; and create, modify, delete, and run reports, snapshot comparisons,

tools, custom tools, events, automation tasks, and so on.

• Limited configuration rights. Enables the user to create, edit, and delete reports (including predefined

reports).

• No configuration rights. Enables the user to view and run predefined reports on systems they have been

authorized to view only. A user without configuration rights cannot execute any actions to affect the

system

database

Users and authorizations tabs

The Users and Authorizations tabs offer the following options:

• Add, edit, and delete users and user groups, and view and print user reports. Select

Options→Security→Users and Authorizations→Users.

• Add, edit, and delete toolboxes, and view and print toolbox reports. Select Options→Security→Users

and Authorizations→Toolboxes.

• Add and delete authorizations, and view and print authorization reports. Select

Options→Security→Users and Authorizations→Authorizations.

User configuration rights 123