in Operator Console how can I make different internal groups able to only see subsets of our devices?


Article ID: 220358


Updated On:


DX Infrastructure Management


We have some devices reporting in Operator Console that we want to isolate to be accessible to only a few groups.  How can we accomplish this?


Release : 20.3



First we should review the types of users in UIM -

In order to separate out groups of devices like this you would need to use Account Contact users and not Bus Users.  A high-level overview of this setup would be as follows:

- in Account Admin (now in Settings tab) you would need to create an account, e.g. "NetworkGroup" 
- also in Account Admin you would create an ACL for this group, like "NetworkGroupLDAPACL" and give the appropriate level of permissions for the users in that group
- next in Account Admin you would link that ACL to a specific LDAP group;  now, users who log into UIM who are part of that LDAP Group will be assigned this ACL and be treated as members of this Account
- next in Operator Console you would log in as the administrator and create a new group.  Set the appropriate filters to capture the devices that you are interested in, and choose the account (e.g. "NetworkGroup") at the top of the group creation screen - this will limit this particular group so that only members of the assigned account can see it.
- You would have to repeat this process for each different LDAP group, creating a unique Account and unique ACL for each one which would then be used to link the LDAP Group to the account.


Additional Information

see also-