Tekelec Platform Operations, Administration, and Maintenance (OAM) Release 7.5 E88997 |
|
Previous |
Next |
The Groups Administration page enables you to create, modify, and delete user groups.
A group is a collection of one or more users who need to access the same set of functions. Permissions are assigned to the group for each application function. All users assigned to the same group have the same permissions for the same functions. In other words, you cannot customize permissions for a user within a group.
You can assign a user to multiple groups. You can add, delete, and modify groups except for the Pre-defined User and Group that come with the system.
The default group, admin, provides access to all GUI options and actions on the GUI menu. You can also set up a customized group that allows administrative users in this new group to have access to a subset of GUI options/actions. Additionally, you can set up a group for non-administrative users, with restricted access to even more GUI options and actions.
For non-administrative users, a group with restricted access is essential. To prevent non-administrative users from setting up new users and groups, be sure User and Group in the Administration Permissions section are unchecked. Removing the check marks from the Global Action Permissions section does not prevent groups and users from being set up. Figure 3-1 displays these sections of the Group Administration page.
Figure 3-1 Global Action and Administration Permissions
Each permission checkbox on the Groups Administration page corresponds to a menu option on the GUI main menu or a submenu. If a checkbox is checked for a group, then the group has access to this option on the menu. If a checkbox is not checked, then the group does not have access to this option, and the option is not visible on the GUI menu.
These checkboxes are grouped according to the main menu's structure; most folders in the main menu correspond to a block of permissions. The exceptions to this are the permission checkboxes in the Global Action Permissions section.
The Global Action Permissions section allows you to control all insert (Global Data Insert), edit (Global Data Edit), and delete (Global Data Delete) functions on all GUI pages (except User and Group). For example, if the Network Elements checkbox is selected (in the Configurations Permissions section), but the Global Data Insert checkbox is not selected, the users in this group cannot insert a new Network Element.
By default, all groups have permissions to view application data and log files.