Permissions
You can authorize the same set of functional permissions multiple users, user group or each user ID at one time.
- Action
-
View allows the user to see and run a take action command from the available list of commands
in the Take Action view and in the menu for the Navigator item.
Modify allows the user to create and save Take Action commands. When enabled, Edit Action appears in the Navigator menu.
When issuing a take action command, you must be authorized on the relevant system for the requested command. For example, to issue a TSO command, your user ID must be both a valid TSO ID and a valid user ID on the portal server. The user ID must be typed with the same letter casing exactly as typed when logging on to the portal server (with the same letter casing).
- Agent Management
-
Manage allows the user to perform agent deployment throughout the managed network. This
includes installing a monitored product, keeping the software revisions up-to-date, and removing an
agent from the managed network. This permission also requires Action - Modify to be enabled.
Start/Stop allows the user to start a monitoring agent or to stop it running.
- Custom Navigator Views
- Modify allows the user to create new Navigator views, edit and delete them. With Modify cleared, the user will not see Edit Navigator View in the Navigator toolbar.
- Event
-
Attach allows the user to attach a file (such as detailed notes) to the
situation event. This permission requires that the user also have the Acknowledge and View
permissions.
Close lets you close a pure event or an event that was open before a situation was stopped manually. When it is enabled, Close Situation Event appears in the menu of the situation event flyover list, event Navigator item, and situation event console view when the selected event is a pure event or the situation has been stopped.
View enables you to see situation event indicators in the Navigator when situations become true.
Acknowledge allows you to acknowledge a situation event. When this permission is enabled, Acknowledge Event appears in the menu of the situation event flyover list, event Navigator item, and situation event console view.
- Feature
- Enable is dimmed because you cannot change it. The access to this feature is determined by your organization's Cloud Pak System Software Monitoring Server license.
- History
- Configure allows the user to open the History Collection Configuration window, configure history files and data rolloff, and start and stop data collection for the different attribute groups. When this permission is enabled, History Configuration appears in the main toolbar.
- Launch Application
-
Launch allows the user to invoke any of the launch definitions available for the Navigator
item, table view, chart view, or situation event console view. When this permission is enabled,
History Configuration appears in the main toolbar.
View allows the user to see the composition of the selected launch definition.
Modify allows the user to create, edit and delete launch definitions.
- Managed System Group
-
View allows the user to access the Object group editor for viewing managed system groups. The
user also needs Modify permission for the Object group editor tools to be available.
Modify allows the user to open the Object group editor to create, edit, and delete managed system groups.
- Policy
- View allows
the user to open the Workflows window to see the policies and their
definitions. With View permission, the Workflow Editor is available in the
main toolbar and Manage Policies is
available in the Navigator menu at the agent level.
Start/Stop lets you start and stop policies. With this permission enabled, Start Policy and Stop Policy are available when you select a policy.
Modify allows the user to open the Workflow editor to create and edit policies. With the Modify permission enabled, New Policy is available after the user selects a policy, as are the other editing tools: Edit Workflow, Copy Policy, and Delete Policy.
- Query
-
View allows the user to access the Query editor through the Properties editor and select a
query for the selected table or chart. With the View permission enabled, the user can assign a query
through the Query tab of the Properties editor.
Modify allows the user to create, edit and delete queries in the Query editor. With the Modify permission enabled, Query Editor is available from the main toolbar, as are the query editing tools.
- Situation
-
View allows the user to see situations in the Situation editor, including any expression
overrides, and in the Manage Situations at Managed System window. With the View permission enabled,
Situation Editor is available in the main toolbar and in the Navigator item
(except at the platform level) menu.
Modify lets you create new situations and manage them. When the Modify permission has been granted, the situation editing tools and menu options are available in the Situation editor, as well as the Override Formula button in the Distribution tab for qualifying situations.
Start/Stop lets you start or stop a situation and enable or disable a situation override. When this permission is enabled, Start Situation and Stop Situation are available in the situation event flyover list, situation event console view, Situation editor menu, and the Manage Situations at Managed System window; and Enable Situation Overrides and Disable Situation Overrides are available in the Situation editor menu.
- Terminal Script
- View allows
the user to run or stop running a terminal emulator script and to
see scripts, but not to edit them. If View is disabled the user will
be able only to run or stop a script.
Modify allows the user to create or record new terminal emulator scripts, edit, and delete them.
- User Administration
- If you are viewing your own user ID, you will see that View and
Modify are disabled; you cannot change your User Administration permissions.
Logon Permitted enables log on to the portal server with this user ID. The administrator can clear the check box to deny a user access to the portal. This option works in conjunction with the KFW_AUTHORIZATION_MAX_INVALID_LOGIN (the default is 0, unlimited attempts are allowed) parameter in the Cloud Pak System Software Monitoring Portal Server Environment Configuration file, kfwenv. When the value has been set and the invalid attempts have been exceeded, the check box is cleared automatically and the administrator must select the check box to reset the logon attempt count. See the Administrator's Guide for details.
Modify allows the editing of user IDs and removing them. When this permission is enabled, Administer Users is available in the main toolbar and the tools are available in the Administer Users window.Author Mode Eligible allows the user to enable or disable their Author Mode permission under Workspace Administration (see next authority), but not for any other user IDs.
View allows the user to open the Administer Users window and see their user profile.
Administration Mode Eligible allows the user to enable or disable their Administration Mode permission under Workspace Administration (see next authority), but not for any other user IDs.
- Workspace Administration
- Workspace
Author Mode allows the user to create and edit workspaces, links,
and terminal emulator scripts. If Workspace Author Mode is disabled,
the user cannot make any of these changes but can continue monitoring
and responding to alerts; the tools can still be seen, but they are
disabled.
Workspace Administration Mode is available only for the SYSADMIN user ID and new IDs made from it in the Create Another User window. When administration mode is enabled, changes you make to workspaces affect all users who log on to the same portal server . When it is disabled, workspace changes you make are not shared with other users. Be sure to select Do not allow modifications in the Workspace Properties whenever you create or edit a workspace in administration mode. Otherwise, if a user edits that workspace, you no longer own the workspace and cannot override their changes.
- WebSphere MQ Configuration Authorities
- IBM Tivoli OMEGAMON XE for Messaging: WebSphere MQ Configuration
installations will see this folder.
View allows the user to see, but not change, your organization's WebSphere MQ configuration in the Navigator Configuration view.
Modify allows the user to change your organization's WebSphere MQ configuration or to schedule updates in the Configuration view.
- Storage Subsystem Authorities
- IBM Tivoli OMEGAMON XE for Storage installations will see this
folder. Select View to allow the user
to see, but not change data. Select Modify to allow the user
to change data.
Data Collection Configuration allows the user to view or modify the collection control interval for the DFSMSrmm Status workspace and Dataset Attributes System Summary workspace.
Dataset Groups Collection Interval allows the user to view or modify the control interval for the Dataset Group Summary workspace.
Define/Update Dataset Groups allows the user to view or modify the group definitions for the Dataset Group Summary workspace.