Managing user groups

You can use the Device Manager - Storage Navigator to view existing user groups, and to create, modify, or delete them.

Before creating or manipulating user groups, read and understand the following precautions.

  • When a user is assigned to multiple user groups, the user has the permissions of all the roles in each user group that are enabled on the resource groups assigned to each user group.
  • If a user has All Resource Groups Assigned set to Yes, the user can access all the resources in the storage system. For example, if a user is a security administrator and a storage administrator taking care of some resources, have all resource groups assigned, and has roles of Security Administrator (View & Modify) and Storage Administrator (View & Modify), the user can modify storage system settings for all the resources.

    If this is a problem, the recommended solution is to register the following two user accounts in the storage system and use these different accounts for different purposes:

    • A security administrator user account that has All Resource Groups Assigned set to Yes.
    • A storage administrator user account that does not have all resource groups assigned and has only some of the resource groups assigned.
  • For the user groups whose roles are other than the Storage Administrator, All Resource Groups Assigned is automatically set to Yes. If you delete all the roles except the Storage Administrator, reassign resource groups to the user group because All Resource Groups Assigned is automatically set to No. To assign resource groups to the user group, see Changing assigned resource groups.
  • Security settings that affect the entire system is configured by the administrator.
  • Resource group 10 is configured by user A.
  • Resource group 20 is configured by user B.

To implement the above configuration, assign the users to the user groups as shown below.

User

User group to be registered

Roles to be assigned to the user group

Resource group to be assigned to user group

Administrator

user group 1

Security Administrator (View & Modify)

All Resource Groups Assigned1

User A

user group 10

Storage Administrator2

Resource group 10

User B

user group 20

Storage Administrator2

Resource group 20

Notes:

  1. For the user group that is assigned the Security Administrator role, All Resource Groups Assigned is automatically set to Yes.
  2. There are a few types of storage administrators. For more information, see Roles.

Parent Topic
  • Setting up and managing user accounts

    After Device Manager - Storage Navigator has been set up on the SVP of your storage system, and the management clients are set up, you can create user accounts for Device Manager - Storage Navigator users and define their roles.

Child Topics