Export (0) Print
Expand All

About User Roles in Operations Manager 2007

Operations Manager 2007 can monitor many types of applications in the enterprise. As the Operations Manager administrator, you want to limit access to monitoring data. Role-based security allows you to limit privileges that users have for various aspects of Operations Manager 2007.

Bb309440.Important(en-us,TechNet.10).gifImportant
Adding a machine account to a user role member allows all services on that computer to have software development kit (SDK) access. It is recommended that you do not add a machine account to any user role.

In Operations Manager 2007, operations—such as resolving alerts, running tasks, overriding monitors, creating user roles, viewing alerts, viewing events, and so on—have been grouped into profiles, with each profile representing a particular job function as shown in the following table.

Bb309440.note(en-us,TechNet.10).gifNote
A scope defines the entity groups, object types, tasks, or views that a profile is restricted to. Not all scopes apply to all profiles.

Profile Job Functions and Scope

Administrator

Includes full privileges available in Operations Manager.

Advanced Operator

Includes a set of privileges designed for users who need access to limited adjustment of monitoring configurations in addition to the Operator privileges. Grants members the ability to override the configuration of rules and monitors for specific targets or groups of targets within the configured scope.

Author

Includes a set of privileges designed for authoring of monitoring configurations. Grants members the ability to create, edit, and delete monitoring configuration (for example, tasks, rules, monitors, and views) for specific targets or groups of targets within the configured scope.

Operator

Includes a set of privileges designed for users who need access to alerts, views, and tasks. Grants members the ability to interact with alerts, run tasks, and access views according to their configured scope.

Read-only Operator

Includes a set of privileges designed for users who need read-only access to alerts and views. Grants members the ability to view alerts and access views according to their configured scope.

Bb309440.note(en-us,TechNet.10).gifNote
Members of the Read-only Operator role are not assigned rights to the Task Status view.

Report Operator

Includes a set of privileges designed for users who need access to Reports. Grants members the ability to view reports according to their configured scope.

Bb309440.Caution(en-us,TechNet.10).gifCaution
Users assigned to this role have access to all report data in the Reporting Data Warehouse and are not limited by scope.

Report Security Administrator

Enables the integration of SQL Server Reporting Services security with Operations Manager user roles. This gives Operations Manager Administrators the ability to control access to reports. This role can have only one member account and cannot be scoped.

A user role is the combination of a profile and scope as shown in as shown in the following illustration. A user can be a part of multiple roles and the resultant scope is the union of all the user roles.

Profile Plus Scope Equals User Role

Profile, Scope, and User Role

See Also

Did you find this information useful? Please send your suggestions and comments about the documentation.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

Show:
© 2014 Microsoft