Multi-Group Users

Learn about controlling access to Oracle Communications Unified Assurance user interfaces by assigning users to multiple groups.

About Multi-Group Users

A multi-group user is a user assigned to multiple user groups. Multi-group users have access to everything available in each group. This allows for a hierarchy of user access. You can restrict data using the restrictive user group properties. Assigning a user to multiple groups allows them to combine those restrictive groups without the need to log out and back in as different users.

Choosing Multi-Group Users or Multitenancy

Multi-group users and multitenancy serve different purposes. Multitenancy allows data to be viewed without regard to the restrictions of users and groups. If a user does not need access to typical configuration processes, but does need to view a specific service or dashboard, choose multitenancy. If a user provides support for two separate user groups and needs to be able to access everything those users can, choose multi-group users.

See "Configuring Multitenancy" for more information about multitenancy.

Setting Up Multi-Group Users

To set up multi-group users:

  1. Create content for each group.

    1. Make sure devices are discovered and data is being collected.

    2. Create any required dashboards.

      Note:

      Even if a user has access to the dashboard, the content within the dashboard, such as devices, is still checked for access.

    3. Create any required diagrams.

      Note:

      Even if a user has access to the diagram, the content within the diagram, such as devices, is still checked for access.

    4. Create any required event filters.

    5. Create any required links.

    6. Create any required menus for the desired areas: diagrams, events, and topology. If a user has access to multiple menus, the menu options will be combined into a single menu with any duplicates removed.

  2. Create groups for the desired areas: dashboard groups, device groups, diagram groups, event filter groups, and link groups. These groups will determine what each user has access to.

  3. Create user groups with the proper restrictive properties set. The absence of a restrictive property will generally result in "Root"-level or "Global"-level access. The following exceptions exist.

    1. RestrictiveEventMenuID: If no restriction is created, the user group will have access to whichever menu is flagged as the "default" menu.

    2. RestrictiveTopologyMenuID: If no restriction is created, the user group will have access to the "Default Topology Tools" menu.

  4. Create or update users to have the appropriate user group or groups. The users form has a "User Group Name" field for the primary group. If the user needs access to additional groups, they are added through the "Subgroups" selector.

    Note:

    Preferences for a User are only inherited from the primary User Group.

    Preferences that are set for a user Subgroup are not inherited to the user.