Manualshelf

HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide

ManualsBrandsHP ManualsComputer AccessoriesHP IMC TACACS+ Authentication Manager Software Module Additional 50-node QTY E-LTU
61626364656667686970
55
7 Managing device users
Device users refer to the network maintainers who log in and manage devices. A device user is
configured with an account name and a password on TAM for identity authentication of network
maintainers. A network maintainer can log in to manage a device after entering the correct account
name and password.
A TAM administrator needs to build a properly-structured device user database for hierarchical
management of device users. To do so, take the following steps:
1. Create multiple TAM operators.
2. Plan and create multiple device user groups, and specify TAM operators that can manage the
device user groups.
3. Create device users, and assign device users to device user groups as needed.
TAM operators are the operators of the IMC Platform. For information about how to create operators, see
HP IMC Base Platform Administrator Guide.
Configuring device user groups
Use device user groups to implement hierarchical management of device users. The TAM administrator
can divide device user groups according to various criteria, for example, the device management scope
of device users and the working time of device users.
A device user group supports sub-groups for hierarchical management of device users. A level-1 (top
level) device user group can be further divided into multiple level-2 device user groups, and a maximum
of five group levels can be created. Two groups with adjacent levels are referred to as parent group and
child group, respectively. For example, a level-1 group is the parent group of all its level-2 groups, and
the level-2 groups are the child groups of the level-1 group.
TAM predefines a special device user group, called "Ungrouped." An operator cannot delete this group
or add sub-groups for this group, and when modifying it, cannot change its name and description.
Viewing the device user group list
To view the device user group list:
1. Click the User tab.
2. Select Device User View > Device User Groups from the navigation tree.
The Device User Group List displays all device user groups.
Device user group list contents
Group NameName of the device user group. Click the group name link to view the device user
group details.
Authorization PoliciesName of the authorization policy used by the device users in the device
user group. If the device users in the group can only log in to the device but cannot execute
commands on the device, this field displays CLI Access Not Supported.
User ListProvides the User List icon . Click the icon to view all device users in the device user
group.