14.3.2 Example tenant structure

The figure below shows an example NNMi topology consisting of two tenants. The three frames for users L, M, and N indicate the primary groupings for which users need to view the nodes. The topology for Tenant 1 is managed as a single group, so it needs only one security group. The topology for Tenant 2 is managed in overlapping sets, so it is separated into three security groups.

Table 14-3 lists the mappings between the security groups and the possible custom user groups for this topology. (An actual implementation of this security model might not require all of these custom user groups.)

Table 14-4 lists the mappings for several user accounts and the user groups for this topology.

Figure 14‒2: Example topology for multiple tenants

Table 14‒3: Example security group mappings for multiple tenants
Security group	Security group's nodes	User groups	Object access privileges
`T1` `SG`	`A`, `B`, `C`, `D`, `E`	T1 Administrator	Object Administrator
		T1 Level 2	Object Operator Level 2
		T1 Level 1	Object Operator Level 1
		T1 Guest	Object Guest
`T2` `SGa`	`F`, `G`	T2_a Administrator	Object Administrator
		T2_a Level 2	Object Operator Level 2
		T2_a Level 1	Object Operator Level 1
		T2_a Guest	Object Guest
`T2` `SGb`	`H`	T2_b Administrator	Object Administrator
		T2_b Level 2	Object Operator Level 2
		T2_b Level 1	Object Operator Level 1
		T2_b Guest	Object Guest
`T2` `SGc`	`I`, `J`	T2_c Administrator	Object Administrator
		T2_c Level 2	Object Operator Level 2
		T2_c Level 1	Object Operator Level 1
		T2_c Guest	Object Guest

Table 14‒4: Example user account mappings for multiple tenants
User account	User groups	Node access	Notes
User `L`	NNMi Level 2 Operators	None	This user has operator level 2 access to the nodes in the user `L` frame, which groups all nodes in Tenant `1`.
User `L`	T1 Level 2	`A`, `B`, `C`, `D`, `E`
User `M`	NNMi Level 1 Operators	None	This user has operator level 1 access to the nodes in the user `M` frame, which groups a subset of the nodes in Tenant `2`.
	T2_a Level 1	`F`, `G`
	T2_b Level 1	H
User `N`	NNMi Level 2 Operators	None	This user has operator level 2 access to the nodes in the user `N` frame, which groups a subset of the nodes in Tenant `2`.
	T2_b Level 2	`H`
	T2_c Level 2	`I`, `J`

To Page Top