Manualshelf

White Papers

ManualsBrandsDell ManualsActive System ManagerEMC OpenManage Enterprise
12345678910
Table Of Contents
Scope Based Access Control with OpenManage Enterprise 3.6|Document ID: 21396 P a g e | 8
Scope restriction for directory users once a directory group has been assigned to Device
Manager role, access can be restricted to one or more groups as shown via the Assign Scope
button.
1.3 Restricted View
A scope restricted Device Manager only sees the following:
- Groups (therefore, devices in those groups) in their scope.
- Entities that they own (such as Jobs, Alert Policies, Profiles and so on)
- Community entities (such as Identity Pools and VLANs these are entities that can be used by everyone
accessing the console and do not need to be restricted to specific users).
- Built-in entities of any kind.
For directory users, what a scope restricted user sees depends on the directory groups they are a member of.
If a user is a member of multiple directory groups, each with the Device Manager Role and each directory
group has distinct scope assignments then the user’s scope is the union of the scopes of those directory
groups.
Examples: