5.2.3 Specifying operation permissions for each JP1 user
Specify operation permissions for each JP1 user in the JP1/Base that is used as the authentication server (primary authentication server).
This subsection explains how to specify operation permissions for ITSLM after users have been set up as JP1 users.
- Organization of this subsection
(1) Before you start
-
Set up the users as JP1 users.
For details about how to set up users as JP1 users, see 5.2.2 Setting up JP1 users in JP1/Base.
-
Evaluate how you want to set up JP1 resource groups (service groups#) and the JP1 permission level that is to be applied to each service group for the JP1 users.
ITSLM's JP1 permission levels are JP1_ITSLM_Admin (service group administrator) and JP1_ITSLM_User (service user).
- #
-
Same as the JP1 resource groups in JP1/Base. This is the unit of managing monitored services for each client (such as a company) that outsources business systems. Every monitored service belongs to a service group.
In ITSLM, operation permissions are defined for each JP1 permission level as described in the following table.
Table 5‒2: Operation permissions for each JP1 permission level No.
JP1 permission level
User for which JP1 permission level is set
Operation permissions
1
JP1_ITSLM_Admin
Service group administrator
-
Add and delete monitored services.
-
Set up monitoring items.
-
Start and stop monitoring.
-
Monitor the status of monitored services.
-
Investigate problems.
-
Output reports.
2
JP1_ITSLM_User
Service user
-
Monitor the status of monitored services.
-
Investigate problems.
-
Output reports.
Because ITSLM does not allow a service group name beginning with a hyphen (-) to be specified in a command argument, we recommend that you use service group names that do not begin with a hyphen.
(2) Procedure
The JP1/Base Environment Settings dialog box or a JP1/Base command is used to specify operation permissions for each JP1 user. This subsection explains the procedure that uses the JP1/Base Environment Settings dialog box. For details, see the section that describes setup of JP1 users in the Job Management Partner 1/Base User's Guide.
To specify operation permissions for a JP1 user:
-
Specify operation permissions for a JP1 user.
On the Authentication Server tab, in Authority level for JP1 resource group, specify the applicable operation permissions for the JP1 user.
When the specified settings have been applied in JP1/Base's JP1/Base Environment Settings dialog box, specification of operation permissions for the JP1 user is complete.
(3) Supplementary information
-
This subsection explains an example of specifying operation permissions for JP1 users. This example specifies operation permissions for four JP1 users, A through D, who perform operations on service groups 1 through 3, each of which has two monitored services, as follows:
-
JP1 user A manages and monitors the monitored services in service groups 1, 2, and 3.
-
JP1 user B manages and monitors the monitored services in service group 1.
-
JP1 user C manages and monitors the monitored services in service group 3.
-
JP1 user D monitors the monitored services in service group 2 (this JP1 user does not manage monitored services).
The following figure illustrates these conditions.
Figure 5‒11: Example of specifying operation permissions To satisfy these conditions, operation permissions must be specified for these JP1 users as shown in the following table.
Table 5‒3: Example of specifying operation permissions No.
JP1 user
Service group
1
2
3
1
A
Admin
Admin
Admin
2
B
Admin
--
--
3
C
--
--
Admin
4
D
--
User
--
-