Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 HP Servicecontrol Manager 3.0 User's Guide > Chapter 1 HP Servicecontrol Manager Introduction

Users and Roles
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

An SCM user can be anyone with a valid operating system login on the CMS. Once a user is added to SCM, then he can be authorized for roles on one or more nodes in the management domain. Figure 1-4 “Users and Roles” represents the relationship between users, roles, and nodes or node groups.

Figure 1-4 Users and Roles

Users and Roles

A role defines the responsibilities associated with an operation or process. Each role is associated with a set of SCM tools that a user might need for a particular task, such as database administration or software management. Authorizing a user for a role on a node or node group enables the user to run the associated set of tools on that node or node group. For example, the web admin role enables a user to access tools required for administering a Web server. In Figure 1-4 “Users and Roles”, Fred is authorized for the operator role on node group A. He can use tool A or tool C, which are associated with the operator role, to managed all the nodes in node group A.

IMPORTANT: Role assignments enable non-root users to run tools as root or as another specified user. Be careful when granting non-root users permission to run tools as root. Take into consideration all the capabilities given by a tool, above and beyond the capabilities it is designed for, before you associate it with a role.

You can have up to 32 roles in SCM including the master role. The master role is the only default role installed with SCM.

Master Role

The master role provides complete access to all tools for the authorized node or node group. When a tool is added to SCM, the master role is automatically associated with the tool. Tools cannot be removed from the master role, and the master role cannot be deleted from SCM. All other roles can be enabled, disabled, or deleted. If you don’t want a user to have access to all available tools for a specific node or node group, they should not be authorized for the master role on that node or node group.

CAUTION: A user assigned the master role on the CMS can execute commands as any user. Therefore, this user could grant trusted user privilege to himself.

Trusted User

A trusted user is a user who has been given a special privilege to administer the SCM software. Trusted users manage:

  • authorizations

  • nodes

  • node groups

  • users

  • roles

  • tools

In addition, trusted users maintain and backup the repository and monitor the SCM audit log.

By default, root on the CMS is assigned the trusted user privilege, but this privilege can later be revoked. The trusted user privilege can be given to one or more users, and SCM requires that at least one user is a trusted user. A trusted user is not automatically authorized to execute tools. Trusted users must be authorized for roles on specific nodes or node groups just like any other user.

Figure 1-5 Users and Trusted Users

Users and Trusted Users

In Figure 1-5 “Users and Trusted Users”, the only difference between Chris, Sue, and Fred is that Chris manages the SCM software. He can authorize himself or any other user to perform a role on a node or node group. With the current authorizations, Chris is limited to using only tools B and D on node 6.



The Management Domain
  		 


Tools  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2002-2003 Hewlett-Packard Development Company, L.P.