Use the Viewing User Group Details panel in the SAN Volume Controller Console to
view details about a selected user group.
Attributes
The
following attributes are displayed:
- ID
- Displays the system-assigned identifier for the selected user
group.
- Name
- Displays the name of the selected user group.
- Role
- Displays the role that applies to all users within the group.
The following values are possible:
- Monitor
- Users with the monitor role have access to all viewing
actions available with the SAN Volume Controller Console.
This user cannot perform any actions that change the state of the
cluster or the resources that the cluster manages. The user can access
all the information-related panels and commands, back up configuration
data, change his or her password, and issue the following commands: finderr, dumperrlog, dumpinternallog, ping, and chcurrentuser.
- Copy Operator
- Users with the copy operator role can manage all existing FlashCopy,
Metro Mirror, and Global Mirror relationships. They can also create
and delete FlashCopy mappings, FlashCopy consistency groups, Metro
Mirror or Global Mirror relationships, and Metro Mirror and Global
Mirror consistency groups. In addition, the user can access all the
functions available to the Monitor role.
- Service
- Users with the service role can view the View Clusters panel,
launch the SAN Volume Controller Console,
and view the progress of actions on clusters with the View Progress
panel, begin disk discovery process, and discover and include disks.
The user can access the following commands: applysoftware, setlocale, addnode, rmnode, cherrstate, setevent, writesernum, detectmdisk,
and includemdisk. A user with this role can also
access all the functions available to the Monitor role.
- Administrator
- Users with the administrator role can access all functions on
the SAN Volume Controller Console and
issue any command-line interface (CLI) command, except those that
deal with managing users, user groups, and authentication.
- Security Administrator
- Users with the security administrator role can access all functions
on the SAN Volume Controller Console and
issue any CLI command. Users with this role can also manage users,
user groups, and manage user authentication.
- Members
- Displays the names of users that are defined in the selected user
group.
- Remote Visibility
- Indicates whether this user group can be used during remote authentication.
As part of configuring remote authentication, administrators can configure
user groups on the cluster to match the authorization that is provided
by the remote authentication service. For each group of users that
is defined on the remote authentication service, you can create a
corresponding SAN Volume Controller user
group with the same name and the Remote Visibility option enabled.
For example, if a group of users exist on the remote authentication
service called sysadmins, then a corresponding
group called sysadmins should be created on SAN Volume Controller cluster
with the Administrator role and with remote visibility option enabled.
If none of a user's groups on the remote authentication service
match the SAN Volume Controller user
groups then the user is not permitted to access the cluster. The following
values are possible:
- Yes
- Indicates that this user group can be used during remote authentication.
- No
- Indicates that this user group cannot be used during remote authentication.
Actions
The
following actions are available:
- Close
- Click this button to exit the panel.