About User Roles in Operations Manager 2007
Operations Manager 2007 can monitor many types of applications in the enterprise. As the Operations Manager administrator, you want to limit access to monitoring data. Role-based security allows you to limit privileges that users have for various aspects of Operations Manager 2007.
Important
Adding a machine account to a user role member allows all services on that computer to have software development kit (SDK) access. It is recommended that you do not add a machine account to any user role.
In Operations Manager 2007, operations—such as resolving alerts, running tasks, overriding monitors, creating user roles, viewing alerts, viewing events, and so on—have been grouped into profiles, with each profile representing a particular job function as shown in the following table.
Note
A scope defines the entity groups, object types, tasks, or views that a profile is restricted to. Not all scopes apply to all profiles.
| Profile | Job Functions and Scope |
|---|---|
Administrator |
Includes full privileges available in Operations Manager. |
Advanced Operator |
Includes a set of privileges designed for users who need access to limited adjustment of monitoring configurations in addition to the Operator privileges. Grants members the ability to override the configuration of rules and monitors for specific targets or groups of targets within the configured scope. |
Author |
Includes a set of privileges designed for authoring of monitoring configurations. Grants members the ability to create, edit, and delete monitoring configuration (for example, tasks, rules, monitors, and views) for specific targets or groups of targets within the configured scope. |
Operator |
Includes a set of privileges designed for users who need access to alerts, views, and tasks. Grants members the ability to interact with alerts, run tasks, and access views according to their configured scope. |
Read-only Operator |
Includes a set of privileges designed for users who need read-only access to alerts and views. Grants members the ability to view alerts and access views according to their configured scope. .gif "Bb309440.note(en-us,TechNet.10).gif") Note
Members of the Read-only Operator role are not assigned rights to the Task Status view.
|
Report Operator |
Includes a set of privileges designed for users who need access to Reports. Grants members the ability to view reports according to their configured scope. .gif "Bb309440.Caution(en-us,TechNet.10).gif") Caution
Users assigned to this role have access to all report data in the Reporting Data Warehouse and are not limited by scope.
|
Report Security Administrator |
Enables the integration of SQL Server Reporting Services security with Operations Manager user roles. This gives Operations Manager Administrators the ability to control access to reports. This role can have only one member account and cannot be scoped. |
A user role is the combination of a profile and scope as shown in as shown in the following illustration. A user can be a part of multiple roles and the resultant scope is the union of all the user roles.
.gif "Profile Plus Scope Equals User Role")
Profile, Scope, and User Role
See Also
Tasks
How to Add Users or Groups to the Report Operator User Role in Operations Manager 2007
How to Add Users or Groups to the Report Security Administrator User Role in Operations Manager 2007
How to Create an Advanced Operator User Role in Operations Manager 2007
How to Create an Author User Role in Operations Manager 2007
How to Create an Operator User Role in Operations Manager 2007
How to Create a Read-Only Operator User Role in Operations Manager 2007
How to Update Author User Role Properties in Operations Manager 2007
How to Update Operator or Advanced Operator User Role Properties in Operations Manager 2007
How to Update Read-Only Operator User Role Properties in Operations Manager 2007
How to Add Users or Groups to the Report Operator User Role in Operations Manager 2007
How to Add Users or Groups to the Report Security Administrator User Role in Operations Manager 2007