7.4.3 Viewing and operating permissions for business groups

To monitor multiple monitored hosts by grouping them into business groups, manage the JP1 users by using their JP1 resource groups and JP1 permission levels.

If restrictions on viewing and operating business groups are enabled, JP1 users who do not have permissions to the JP1_Console resource group cannot log in to the IM Configuration Management window.

The following figure shows how JP1 resource groups are assigned to business groups, and it shows how the scope to be viewed and operated is restricted.

Figure 7‒27: Assigning JP1 resource groups to business groups and restricting the scope to be viewed and operated

Before restricting the scope to be viewed and operated by JP1 users for each business group, assign a JP1 resource group to each business group. Then, assign JP1 resource groups and JP1 permission levels to JP1 users. As the result, you can restrict the scope a JP1 user can view and operate on to the business group that corresponds to the JP1 resource group granted to the JP1 user, according to the JP1 permission levels. The following figure shows an example of restrictions on viewing and operating business groups.

Figure 7‒28: Example of restrictions on viewing and operating business groups

The following table describes the relationships between permissions in the IM Configuration Management window.

Table 7‒26: Relationships between permissions in the IM Configuration Management window
Settings for a JP1 user		Permissions in the IM Configuration Management window
JP1 resource group	JP1 permission levels	Permissions in the IM Configuration Management window
`JP1_Console`	JP1_CF_Admin	Permission for administrator
	JP1_CF_Manager	Permission for operator
	JP1_CF_User	Permission for monitoring person
	JP1_Console_Admin JP1_Console_Operator JP1_Console_User	Permission for monitoring person
	None	Permission for monitoring person
`Other than JP1_Console`	JP1_CF_Admin	Permission for administrator^#
	JP1_CF_Manager	Permission for operator^#
	JP1_CF_User	Permission for monitoring person^#
	JP1_Console_Admin JP1_Console_Operator JP1_Console_User	Permission for monitoring person^#
	None	Permission for monitoring person^#
None	None	Permission for monitoring person^#

#:: If restrictions on viewing and operating business groups are enabled (the -bizmonmode option is set to ON in the jcoimdef command), JP1 users who do not have permissions to the JP1_Console resource group cannot log in to the IM Configuration Management window.

To Page Top