Adding security groups to the Veritas Operations Manager domain using Veritas Operations Manager 4.1

Article:HOWTO64427  |  Created: 2012-01-04  |  Updated: 2012-01-04  |  Article URL http://www.symantec.com/docs/HOWTO64427
Article Type
How To

Product(s)

Subject


Adding security groups to the Veritas Operations Manager domain using Veritas Operations Manager 4.1

The New Security Group wizard panel lets you add a new security group to the Veritas Operations Manager domain.

Veritas Operations Manager lets you combine a role and a scope to specify a predefined role. The following table explains the combination of roles and scopes and the resultant predefined roles:

Role and scope

Predefined role

Admin and Domain (Entire Domain)

Domain Admin

Admin and Selected Business Entities

Admin

Operator and Domain (Entire Domain)

Domain Operator

Operator and Selected Business Entities

Operator

Guest

Guest

To create a new security group, you must associate an authentication group and an authentication domain with one of the predefined roles in Veritas Operations Manager.

Note:

You cannot provide any scope to the Guest role. When you select the Guest role, the panel does not display the Scope options.

To the Admin and the Operator roles, you can provide the rights to administer either all the business entities or a specific set of business entities present in Veritas Operations Manager.

If you want to use an LDAP domain for users belonging to a specific role, you must create a security group that associates the authentication domain and the role.

Veritas Operations Manager lets you provide the role that you create with the privilege to access the views and reports and perform the operations that are related to out-of-band storage management. To provide the storage administration privileges, you can use the Allow access to storage views and operations check box on the New Security Group wizard panel.

If you do not select the Allow access to storage views and operations check box, the administrators or the operators with the role that you create can only administer the servers. They cannot access the views and reports and perform the operations that are related to out-of-band storage management from the servers that they administer.

The privilege to access the storage views and operations is global in nature. You cannot provide any scope to this privilege. However, you can provide the scope to the role that has the privilege to access the storage views and operations. For example, if you have provided the privilege to access the storage views and operations to the Admin role with the right to administer the business entity BEhosts_example that is based on hosts, the administrators with this role can delve in to the storage views from the hosts that are part of BEhosts_example.

In Veritas Operations Manager, the Dynamic Multipathing (DMP) maintenance operations and the discovery of information on the arrays are directly dependent on the privilege to access the storage views and operations that you have provided to a predefined role.

For more information, refer to the Veritas™ Operations Manager Administrator's Guide and the Veritas™ Operations Manager Storage Insight Add-on for Deep Array Discovery and Mapping User's Guide.

The name of the security group that you create must match the name of the authentication group present in the authentication domain that you use to create it.

Note:

Users with the Domain Admin role can access all the business entities in Veritas Operations Manager.

To add security groups to the domain

  1. Select Settings > Security Groups.

  2. Click Actions >New Security Group.

  3. In the New Security Group wizard panel, enter the details and click OK.

    See New Security Group options for adding security groups to the Veritas Operations Manager domain.

  4. In the Results panel that confirms the action, click OK.

See Viewing security group details in Veritas Operations Manager 4.1

See Modifying the security groups in the Veritas Operations Manager domain using Veritas Operations Manager 4.1

See Removing security groups from Veritas Operations Manager 4.1


Legacy ID



v32581969_v67722951


Article URL http://www.symantec.com/docs/HOWTO64427


Terms of use for this information are found in Legal Notices