devices, but grant different rights. Sometimes, it is useful to assign generic rights to the lesser role, and include the iLO 2 MP administrators in that role, and the administrative role.

Figure 7-22shows one way that an administrative user gains admin role right. The admin user’s initial login right is granted through the regular user role. After the initial login, more advanced rights are assigned to the admin user through the admin role such as server reset and remote console.

Figure 7-22 Admin User Gaining Admin Role Right, Example 1

In Figure 7-23, the admin user gains the admin role right in a different way. The admin user initially logs in through the admin role and is immediately assigned admin rights (server reset, remote console, and login).

Figure 7-23 Admin User Gaining Admin Role Right, Example 2

Creating Roles that Follow Organizational Structure

Often, administrators within an organization are placed into a hierarchy in which subordinate administrators must assign rights independently of ranking administrators. In this case, it is useful to have one role that represents the rights assigned by higher-level administrators, and to allow subordinate administrators to create and manage their own roles.

Restricting Roles

Restrictions enable you to limit the scope of a role. A role only grants rights to those users who satisfy the role's restrictions. Using restricted roles creates users with dynamic rights that change based on the time of day or network address of the client.

For step-by-step instructions on how to create network and time restrictions for a role, see “Setting Role Restrictions” (page 167) or “Setting Time Restrictions” (page 168).

Role Time Restrictions

You can place time restrictions on iLO 2 MP roles. Users are only granted rights that are specified for the iLO 2 MP devices listed in the role if they are members of the role and meet the time restrictions for that role.

Directory-Enabled Remote Management 175

Page 175
Image 175
HP Integrity iLO 2 MP 5991-6005 manual Creating Roles that Follow Organizational Structure, Restricting Roles