DCFM Enterprise User Manual (53-1001775-01, June 2010)
DCFM Enterprise User Manual 369
53-1001775-01
Role-based access control
15
Role-based access control
The Management application enables you to create resource groups and assign users to the
selected role within that group. This enables you to assign users to a role within the resource group.
The Management application provides one pre-configured resource group (All Fabrics). When you
create a resource group, all available roles are automatically assigned to the resource group. Once
the resource group is available you can assign a user to a role within the resource group.
Host management privileges
You can launch the Host Connectivity Manager (HCM) if you have read and write permissions to the
Host Management privilege. Other HBA-related operations are controlled by the following
privileges:
• The HBA technical support launch point is controlled by the Technical Support Data Collection
privilege.
• The Fibre Channel Security Protocol (FCSP) launch point is controlled by the Security privilege.
Read write (RW) and read only (RO) permissions are required.
• The HBA performance monitoring launch point is controlled by the Performance privilege.
Host administrator privileges
The Host Administrator role has the following privileges:
• Add and delete properties
• Discovery setup
• Host management
• Performance
• Properties edit
• Security
• Servers
• View management
Instructions for managing resource groups and users using roles and privileges are detailed in
“Users,”“Roles,” and “Resource groups” in Chapter 14, “Role-Based Access Control”.