There are three types of users that can be created and used in DX UIM

1. Real Nimbus Users (Bus Users)

2. Account Contact Users

3. LDAP Users

All these users can run in the same security context though they are created and managed in different ways.

Clarification is needed regarding the different types of user accounts available in DX Unified Infrastructure Management (UIM), where their credentials/permissions are stored, and how they interact with different components like Infrastructure Manager (IM) versus Operator Console (OC).

• DX UIM 23.4.*
• All supported OS and DB

Guidance

There are three primary types of users in DX UIM. While they operate within the same security context, they are managed and stored differently.

1. Real Nimbus Users (Bus Users)

• Management: Created and managed exclusively in Infrastructure Manager (IM) via Security > User Administration.
• Storage: Written to the security.cfg file located in the Nimsoft/hub folder. They are not initially stored in the UIM database.
• Behavior: When a Real Nimbus user logs into the Operator Console (OC) for the first time, a copy of the account is created in the database (CM_USER table).
• Required For: Accessing the OC SLM portlet or Dashboard Designer. Users must have 'SLM Admin' or 'Dashboard Designer' permissions on their ACL.

2. Account Contact Users

• Management: Created in the Operator Console (OC) via Settings > Account Admin.
• Storage: Written directly to the UIM database (CM_USER and CM_CONTACT tables).
• Limitations: Account Contact users cannot assign alarms to Real Nimbus users. They are primarily intended for OC-only access and are often restricted to specific accounts/origins.

3. LDAP Users

LDAP users are fluid and can function as either Real Nimbus Users or Account Contact Users depending on their ACL assignment:

• As Account Contact: If the assigned ACL is Linked to an Account, the LDAP user is treated as an Account Contact (even if not explicitly a member of that account).
• As Real Nimbus User: If the ACL is not linked to any account, the user is treated as a Real Nimbus User.
• Storage: Primary authentication resides in Active Directory. Metadata is stored in CM_USER once they log into OC for the first time.
  
  

Critical Notes

• Unique Usernames: All usernames must be unique across all types. Using identical names for LDAP, Nimbus, and Account users causes authentication conflicts in OC.
• ACL Synchronization: ACLs created in Account Admin (OC) migrate to security.cfg via a hub callback. However, ACLs created directly in IM do not automatically migrate to the database unless the "make ACL available to account/contacts" option is enabled (reintroduced in Jan 2022).

DX UIM official documentation: Types of Users (broadcom.com)