HP Systems Insight Manager 5.3 Technical Reference Guide
sign in IP address restrictions, or authorizations are changed, this change is immediately reflected for all
current members of the group.
With configuration rights, the user inherits the highest setting. With sign-in IP address restrictions, the user
inherits all entries. With authorizations, the user inherits all authorizations.
NOTE: A user's group membership is determined at sign-in. If a user's group membership changes in the
operating system, it is not reflected in HP SIM until the next time the user signs in to HP SIM.
To create a new user group:
1. Select Options→Security→Users and Authorizations→Users, and then click New Group. The
New User Group section appears.
2. In the Group name (on central management server) field, enter the operating system group name
to be used for signing in to HP SIM. This field is required.
3. If the
Central Management Server
(CMS) is running a Windows operating system, in the Domain
(Windows domain for login name) field, enter the Windows domain name for the group .
4. In the Full name field, enter the full name for the group. This name appears in the table under the
Users tab.
5. In the Copy all authorizations of this user or [template] field, select a template or sign in that already
has the predefined authorizations that you want to assign to the group you are creating. See “Default
user templates” for more information about default user templates.
6. For user accounts that must be able to create, modify, or delete other accounts in the Central
management server security configuration right section, select User can configure CMS security
access such as creating, modifying or removing other users. If you selected an existing user with
administrative rights or the administrator template in the previous step, this option is automatically
selected.
7. Under the Sign-In IP Address Restrictions section, in the Inclusion ranges field, enter the IP addresses
of the systems you want this user to be able to use as a client browsing this CMS. If you list multiple IP
addresses, separate them with a semicolon (;). Each range is a single IP address or two IP addresses
separated by a dash (-). The IP addresses must be entered in the standard dotted decimal notation, for
example, 15.1.54.133. Any spaces surrounding the semicolons or dashes are ignored. Spaces are
not allowed within a single IP address in the dotted decimal notation. Enter 0.0.0.0 to prevent a user
from logging in through a remote system.
Important: If browsing from the CMS, ensure all IP addresses of the CMS are properly included. If
browsing to localhost, ensure the loopback address 127.0.0.1 is also included.
8. In the Exclusion ranges field, enter the IP address of the systems that should be excluded from
management by this user or user group. Use the same format as in the previous step for Inclusion
ranges. Enter 0.0.0.0 to prevent a user from logging in through a remote system.
9. To save and close the New User Group section, click OK. To save and keep the New User Group
section open, click Apply, or to cancel to close the New User Group section without saving the new
group, click Cancel .
Command line interface
Users with
administrative rights
can use the mxuser command to create a user group from the
command
line interface (CLI)
NOTE: Users must have the User can configure CMS security access such as creating, modifying
or removing other users option selected when their account is set up for them to be able to use the mxuser
command.
Users with
operator rights
can use the mxexec command to launch command tools on systems from the CLI.
For assistance with this command, see the associated manpage.
See “Using command line interface commands” for information about accessing the manpage.
134 Users and authorizations