There are three types of uses that can be created and used in UIM
1. Real Nimbus Users
2. Account Contact Users
3. LDAP Users
All these users can run in the same security context though they are created and managed in different ways.
Release: UIM 20.x
There are essentially two types of users: Real Nimbus Users and Account Contact users. LDAP users fall into one these two categories but are a little more fluid.
1. Real Nimbus Users are created in Infrastructure Manager, (IM), through Security->User Administration. These users are written to security.dta file in the hub folder and the NimsoftSLM database never sees these users, (so UMP cannot see them).
2. Account Contact Users are created in IM through Security->Account Administration, and also in OC through the AccountAdmin webapp. These users are written to the NimsoftSLM database and IM can read ACLs written this way. When a user logs into OC for the first time, their user account is copied to the separate DB tables (CM_USER). Also, Account Contact users cannot assign alarms to Real Nimbus users.
3. LDAP Users can be treated as Real Nimbus Users or Account Contact Users - it depends on which ACL they are given. If the ACL is Linked to an Account, then the LDAP user will be treated as an Account Contact (even if they're not a member of that account.) If the ACL they are given is not linked to any account, the LDAP user gets treated as a Real Nimbus User.
- User information can be stored in four different places:
- Nimsoft\hub\security.dta for real nimbus users.
- NimsoftSLM > Account_, Group_ and CM_USERS tables for account contact users.
- NimsoftSLM CM_USERS table for users who have successfully authenticated in UMP.
- The completely separate Active Directory tables for LDAP users.
- Users who want to access OC SLM portlet or Dashboard Designer must be Real Nimbus Users, created in IM under Security->User Administration and have the 'SLM Admin' or 'Dashboard Designer' permission on their ACL.
This is by design and is intended to prevent one customer from one account from being able to view data that belongs to a different account. Again, these users are created exclusively in IM through "User Administration".
- All usernames should be unique. Creating LDAP users, Real Nimbus Users, and/or Account Contact users with identical usernames will create confusion about which credentials are being used to authenticate in OC.
Please check the UIM document:
Types of Users