HP

HP Systems Insight Manager Technical Reference Guide

English
  Users and Authorizations  |  Users and User Groups  |  Creating New User Groups   

Creating New User Groups

»Table of Contents
»Index
»Notices
»Introduction
»Product Overview
»Getting Started
»Discovery and Identification
»Users and Authorizations
»Users and User Groups
»Creating New Users
Creating New User Groups
»Editing User Accounts and User Groups
»Deleting User Accounts and User Groups
»User and User Group Reports
»Default User Templates
»Toolboxes
»Authorizations
»Networking and Security
»Monitoring Systems, Clusters, and Events
»Storage Integration
»Managing with Tasks
»Tools that Extend Management
»Partner Applications
»Reporting
»Administering Systems and Events
»Troubleshooting
»Reference Information
»Printable version
»Glossary
»Using Help

User groups must exist in the operating system. For Windows, this includes Active Directory. Members of the user groups in the operating system can sign into HP Systems Insight Manager (HP SIM) and will inherit the group's attributes for configuration rights and login IP address restrictions, as well as the group's authorizations. When a group's configuration rights, login IP address restrictions, or authorizations are changed, this change is immediately reflected in all current members of the group.

Users that are members of multiple user groups inherit attributes and authorizations from each group. For configuration rights, the user inherits the highest setting. For login IP address restrictions, the user inherits all entries. For authorizations, the user inherits all authorizations.

A user's group membership is determined at sign in. If a user's group membership changes in the operating system, it is not reflected in HP SIM until the next time the user signs in to HP SIM.

To create a new user group:

  1. Select OptionsSecurityUsers and AuthorizationsUsers, and click [New Group]. The New User Group section appears.

  2. In the Group name (on central management server) field, enter the operating system group name to be used for logging into HP SIM. This field is required.

  3. In the Domain (Windows domain for login name) field, enter the Windows domain name for the group if the central management server (CMS) is running a Windows operating system.

  4. In the Full name field, enter the full name for the group. This is displayed in the table on the Users tab.

  5. In Copy all authorizations of this user or [template] dropdown list, select a template or login that already has the predefined authorizations that you want to assign to the group you are creating. Refer to Users and User Groups - Default User Templates for more information on default user templates.

  6. In the Central management server configuration rights section, select the level of authority to assign to the new user group from the following options. Users that login into HP SIM as members of this group inherit these configuration rights.

    • full, allowed to modify all central management server settings. Allows the user total control of the database. Users can run discovery of systems and data collection define users and authorizations; set Cluster Monitor configuration; configure licensing and protocol settings; and create, modify, delete, and run reports, snapshot comparisons, tools, custom commands, events, automation tasks, and so on.

    • limited, allowed to create/modify/delete all reports and their own tools. Allows the user to create new reports, edit any reports, and delete any reports (including the predefined reports).

    • none, no configuration of central management server allowed. Allows the user to view and run predefined reports on the CMS and all managed systems. However, the user has no configuration rights on the CMS or on the managed systems.

  7. Under the Login IP Address Restrictions section, in the Inclusion ranges field, enter the IP addresses of the systems that you want members of this user group to be able to use as a client browsing into this CMS. If you list multiple IP addresses, separate them with a semicolon (;). Each range is a single IP address or two IP addresses separated by a dash (-). The IP addresses must be entered in the standard dotted form, for example, 15.1.54.133. Any spaces surrounding the semicolons or dashes are ignored. Spaces are not allowed within a single IP address in dotted form. Enter 0.0.0.0 to prevent a user from logging in through a remote system.

    Important: If browsing from the central management server, ensure all IP addresses of the CMS are properly included. If browsing to localhost ensure the loopback address 127.0.0.1 is also included.

  8. In the Exclusion ranges field, enter the IP address of the systems that should be excluded from members of this user groups as clients browsing into this CMS. Use the same format in the previous step for Inclusion ranges.

    Note: Be sure to verify that your inclusion and exclusion ranges do not overlap.

  9. Click [OK] to save and close the New User Group section. You can click [Apply] to save and keep the New User Group section open, or click [Cancel ] to cancel to close the New User Group section without saving the new group.

Command Line Interface

Users with full-configuration-rights can use the mxuser command to create user group from the command line interface (CLI)

Users with limited-configuration-rights can use the mxexec command to launch command tools on one or more systems from the CLI. For assistance with this command, refer to the associated manpage.

Refer to Getting Started - Using Command Line Interface Commands for information on accessing the manpage.

Related Procedures

» Users and User Groups - Editing User Accounts and User Groups
» Users and User Groups - Deleting User Accounts and User Groups
» Users and User Groups - User and User Group Reports

Related Topics

» HP Systems Insight Manager Technical Reference Guide - Users and Authorizations
» Users and Authorizations - Users and User Groups
» Users and User Groups - Default User Templates