Security Policy - View Only Role
    • Dark
      Light
    • PDF

    Security Policy - View Only Role

    • Dark
      Light
    • PDF

    Article Summary

    If you would like to grant user permissions to access the Real-Time Console and view systems and real-time performance data, you will first need to create a Security Role for that user or an AD Group. In our example, we use the name "View Only".

    To create the "View Only" Security Role:

    1. Open the Security Policy pane at the bottom of the Console.
    2. In the Home ribbon, click the Manage Roles button.
    3. Click Add New Role...4407141942673AddNewRole.png
    4. Under Role Name, enter View Only. Click the Add Users/Groups button to assign an Active Directory group to this security role.
    5. Click the Search button and select the AD group that includes the domain users for which you want to grant view-only permissions. Click OK to add the new role.
      4407136542865ADUserGroup.png
    6. The new role "View Only" is now assigned to the AD group "AD_CUViewOnlyRole". Click OK to finish the role configuration.
      4407137208849NewRoleAdded.png
    7. The View Only role is now added to the list along with the other default groups ControlUp Admins, Helpdesk, and Automation Admins. Click OK and wait until the changes are applied to the Security Policy Pane.
      4407146354065NewRoleVisible.png
    8. In the Security Policy Pane, the new column "View Only" is added and you can start to assign permissions for this new role.
      4407139060241ViewOnlyRoleAdded.png

    Actions to Set Permissions

    Set the permission "Allow " to the following actions:

    Perform organization-wide actions

    Recommended actions
    Launch Controllers

    4407164699537LaunchControllers.png

    View Incidents

    4407165205137ViewIncidents.png

    View Events

    4407173433489ViewEvents.png

    View All Hypervisors

    4407165766417ViewAllHypervisors.png

    Use Shared Credentials

    4407166060305UseSharedCredentials.png

    Connect to Data Source

    4407166694545ConnectToDataSource.png

    Optional actions to set the Allow permission:

    Run Machines Actions

    Connect to Windows Machine

    4407155337489ConnectToWindowsMachine.png

    Connect to Linux Machine

    4407155298833ConnectToLinuxMachine.png

    Event Viewer on Remote Computer**

    4407161712657EventViewerOnRemoteMachine.png

    Monitor File System**

    4407154122001MonitorFileSystem.png

    Installed Software

    Display Installed Software **
    4407158000785DisplayInstalledSoftware.png

    Display Installed Updates**
    4407157785105DisplayInstalledUpdates.png

    Registry

    Monitor Machine Registry **
    4407159057041MonitorMachineRegistry.png

    Services

    Monitor Services **

    4407159338641MonitorServices.png

    ** Optional: Other "View Only" settings that may require remote admin privileges


    Was this article helpful?