Assigning Web GUI roles to LDAP users and groups

Assign Web GUI roles to the LDAP users so that they have permission to use the Web GUI functions.

About this task

If you assign the roles to groups, the authorizations that are associated with the roles cascade to all users that are members of the groups.

The Web GUI roles do not give the users permission to write to the ObjectServer. This permission is needed for certain Web GUI functions, for example, the Active Event List (AEL) and the Web GUI tools. You set up this permission after you assigned the Web GUI roles.

Write-permission to the ObjectServer can be granted only to Web GUI users that have the ncw_admin role or the ncw_user role. Assign these roles to the users that you want to synchronize to the ObjectServer.

Procedure

To assign Web GUI roles:

  1. To assign roles to user groups:
    1. Click Console Settings > Group Roles.
    2. Complete any combination of the search fields to help locate the groups.
    3. Select how many groups to display and click Search.
      A list of groups appears in the grid.
    4. Click the name of the group you want to assign roles to.
    5. From the Role(s) list, select the roles to assign the user group.
    6. Click Save.
  2. To assign roles to users:
    1. Click Console Settings > User Roles.
    2. Complete any combination of the search fields to help locate the users.
    3. Select how many users to display and click Search.
      A list of matching users appears in the grid.
    4. Click the user ID of the user you want to assign roles to.
    5. From the Role(s) list, select the roles to assign the user.
    6. Click Save.

What to do next

Create the LDAP users in the ObjectServer by enabling the user synchronization function.