If you would like to grant user permissions to access the Real-Time Console and view systems and real-time performance data, you will first need to create a Security Role for that user or an AD Group. In our example, we use the name "View Only".
To create the "View Only" Security Role:
- Open the Security Policy pane at the bottom of the Console.
- In the Home ribbon, click the Manage Roles button.
- Click Add New Role...
- Under Role Name, enter View Only. Click the Add Users/Groups button to assign an Active Directory group to this security role.
- Click the Search button and select the AD group that includes the domain users for which you want to grant view-only permissions. Click OK to add the new role.
- The new role "View Only" is now assigned to the AD group "AD_CUViewOnlyRole". Click OK to finish the role configuration.
- The View Only role is now added to the list along with the other default groups ControlUp Admins, Helpdesk, and Automation Admins. Click OK and wait until the changes are applied to the Security Policy Pane.
- In the Security Policy Pane, the new column "View Only" is added and you can start to assign permissions for this new role.
Actions to Set Permissions
Set the permission "Allow" to the following actions:
Perform organization-wide actions
Recommended actions
Launch Controllers
View Incidents
View Events
View All Hypervisors
Use Shared Credentials
Connect to Data Source
Optional actions to set the Allow permission:
Run Machines Actions
Connect to Windows Machine
Connect to Linux Machine
Event Viewer on Remote Computer**
Monitor File System**
Installed Software
Display Installed Software **
Display Installed Updates**
Registry
Monitor Machine Registry **
Services
Monitor Services **
** Optional: Other "View Only" settings that may require remote admin privileges