Submit a ticketCall us

Announcing NCM 7.7
With NCM 7.7, you can examine the rules that make up an access control list for a Cisco ASA device. Then you can apply filters to display only rules that meet the specified criteria, order the rules by line number or by the hit count, and much more.
See new features and improvements.

Home > Success Center > IP Address Manager (IPAM) > IPAM Administrator Guide > Configuring IPAM > Define IPAM user roles

Define IPAM user roles

Table of contents
Created by Nanette.Neal, last modified by Nanette.Neal on Apr 21, 2017

Views: 169 Votes: 0 Revisions: 5

As a site administrator, you can use role definitions to restrict user access, as necessary, to maintain security without limiting your ability to delegate required network management activities. For example: Defining access roles per subnet, group, or supernet as well as combinations of those containers for specific users.

 

If subnets are moved to create hierarchy changes, inherited roles are inherited from the new parent. Customized roles are not changed.

 

The following user roles are available:

Administrator

Has read/write access and can initiate scans to all subnets, manage credentials, custom fields, and IPAM settings. Has full access to DHCP management & DNS monitoring.

Administrators are granted the same access to IPAM that is granted to Power Users, with the following added privileges:

  • SNMP credentials management
  • Custom fields management
  • Subnet scan settings configuration
  • Directly configure custom roles in the Subnet Edit pop-up dialog box

 

Power User

Power Users maintain the same rights granted to Operators with the addition of the following abilities:

  • Drag and drop reorganization of network components in the left pane of the Manage Subnets and IP Addresses view.
  • Supernet and group properties management, including the ability to edit supernet and group properties and custom fields on portions of the network made available by the site administrator

 

Operator

Operators maintain the same rights granted to Read Only users with the addition of the following abilities:

  • Addition and deletion of IP address ranges from portions of the network made available by the site administrator.
  • Subnet status selection on the Manage Subnets and IP Addresses page.
  • IP address property and custom field management, including the ability to edit IP address properties on portions of the network made available by the site administrator.

 

Read Only

Read only access to DHCP Servers, Scopes, Leases, Reservations and DNS Servers, Zones, Records Hide only.

This role restricts all access, including access to all DHCP Management and DNS Monitoring.

  • All IPAM Web Console resources, including search and Top XX resources not previously limited by Orion account limitations.
  • All IP address and network component properties and custom fields on the Manage Subnets and IP Addresses page.
  • The Chart View on the Manage Subnets and IP Addresses page.

 

Custom

This role is defined on a per subnet basis. DHCP and DNS access depends upon the Global account setting for those nodes.

Edit user roles

The following procedure edits existing IPAM user roles. 

  1. Click Settings > Accounts > Manage Accounts > in the Views menu bar.
  2. Select the Account you want to edit, and click Edit.
  3. Edit as needed, and click Submit.
  4. If you need to change the Password, click Change Password.
Last modified
12:01, 21 Apr 2017

Tags

Classifications

Public