eG Administration
 

Adding / Modifying User Roles

This page appears when the Add New Role button in the USER DEFINED ROLES page is clicked, and allows administrators to create a new role. New role creation can be performed in the following manner:

  1. Provide a name for the role in the Role name text box in this page.

  2. Next, indicate whether Limited or Complete Components access is to be granted to the new role. Selecting the Limited option restricts the new role's access to specific components/segments/services/zones that have been configured in the infrastructure. This is ideal for MSP environments, which cater to the hosting requirements of multiple customers. By assigning a role that allows only Limited component access to each of its customers, the MSP can ensure that every customer has access to only those infrastructure elements that are specific to his/her hosted environment.

  3. Typically, if a user has access to the Admin and Monitor modules, by default, when the user logs in he/she would have access to the Admin module. Likewise, if a user has access to the Monitor and Reporter modules, the Monitor module would be the default module when the user logs in. This default behavior can be altered by selecting an option from the Module to be viewed on login list. For instance, say, a new user role Executive is being created with access rights to both the Monitor and Reporter modules. By default, the Module to be viewed on login for this role is set to Default; this implies that the Monitor module will be the default module for the Executive user upon login. However, you might have granted extensive report-generation rights to the Executive role and limited monitoring right; therefore, you may prefer to set Reporter as the default module. In such a case, to grant the Executive role primary access to the Reporter module and not the Monitor module, select the Reporter option from the Module to be viewed on login list.

  4. Moreover, in any monitored environment typically, administrators alone have the right to make configuration changes using the eG administrative interface. Monitor users on the other hand have no access to the administration console. In large enterprises, multiple distinct administration teams may use the same eG Enterprise manager for their monitoring. These teams would require the ability to configure the monitoring for the servers they operate. To address such environments, eG Enterprise includes the capability to configure users with limited administration rights. For instance, a separate role can be created to allow monitor users with just the permissions to configure tests that should be executed on their servers, or to change the thresholds that can be applied for monitoring their servers. This is why, as soon as the Limited option is chosen, all the check boxes except the User Management, Component Management, Segment Configuration, Service Configuration, Zone Configuration, Group Configuration, Agent Test Configuration, Agent Threshold Configuration, Maintenance Policy Configuration, External/Remote Agent Configuration, and Audits check boxes, are grayed out in the ADMIN section of this page. This implies that user roles with Limited component access can only perform one/more of the following administrative functions:

    • Managing the limited set of components that is explicitly assigned to them;
    • Configure segments, services, groups and zones (as needed) using only the components in their monitoring scope;
    • Configuring tests pertaining to the components assigned to them
    • Configuring the thresholds related to the components under their monitoring purview
    • Suppressing the alerts related to the components assigned to them by configuring maintenance policies
    • Configuring additional external/remote agents for the components in their environment;
    • Configuring additional users/roles for their monitoring needs;
    • Auditing the activities of these users

    On the other hand, if the Complete option is chosen, it implies that the user role has access to all the monitored elements in the infrastructure, and can be granted any administrative/monitoring privilege as the administrator deems fit.

  5. If administrative privileges need to be assigned to the new role, then select the privileges from the ADMIN section. To assign all the admin privileges to a role, select Select all. As stated earlier, if the Limited Components access option is chosen, then except the Agent Test Config, Agent Threshold Config, and Maintenance Policy Config check boxes in this section, all other check boxes will be disabled.

  6. To provide the new role with access to all (except Reporter) the features of the eG monitor interface, select the Select all check box in the MONITOR section. To grant specific monitoring rights to the role, select the individual monitor modules from the MONITOR section.

  7. If the eG license enables the eG Reporter, then a REPORTER section will appear in this page. If the new role has access rights to all the REPORTER modules, then click on the Select all checkbox in the REPORTER section. To restrict access to specific reporter modules, select the required modules from the REPORTER section.

  8. Similarly, if the eG license enables Configuration Management, then a CONFIGURATION section will appear in this page. If the new role has access rights to all the Configuration Management modules, then click on the Select all checkbox in the CONFIGURATION section. To restrict access to specific modules, select the required modules from the CONFIGURATION section.

  9. Finally, click the Update button.

To modify a role, first, click on this icon () that will appear against the user-defined role in the USER DEFINED ROLES page. Upon clicking, this page will appear displaying the role details. Except the Role name all the displayed details can be modified using this page.