HP Storage Essentials DB Viewer Software, Storage Essentials Standard Edition SRM Software 378

Roles Used to Restrict Access

Roles also restrict access to element properties, element records, and Provisioning Manager, as shown in Table 26 on page 351.

Table 26 Default Role Privileges by Elements

Role	Element

	Application	Host	Switch	Storage	Tape	Others
				System	Library

CIO	View	View	View	View	View	View

Domain	Full Control	Full	Full	Full Control	Full	Full
Administrator		Control	Control		Control	Control

Storage	View	View	Full	Full Control	Full	Full
Administrator			Control		Control	Control

Server	View	Full	View	View	View	View
Administrator		Control

Application	Full Control	View	View	View	View	View
Administrator

Help Desk	View	View	View	View	View	View

SIMViewOnly	View	View	View	View	View	View

Options for Restricting a Role

In addition, you can assign one of the following options within a role to further allow or restrict access for a specific element:

•Full Control — Lets you view and modify the record for the element on the Asset Management tab, and perform provisioning if applicable.

•Element Control — Lets you view and modify the record for the element on the Asset Management tab. You cannot perform provisioning.

•View — Lets you only view element properties.

For example, if users belong to a role that only lets them view the element properties on storage systems, those users would not be allowed to perform provisioning on storage systems because their role does not have the Full Control option selected for storage systems. That same role could also have the Full Control option selected for switches, allowing the user to perform provisioning for switches. Thus, the user would not be able to provision storage systems, but would be able to provision switches.

You can modify roles and/or create new ones. For example, you can modify the Help Desk role so that the users assigned to this role can also view Reporter and modify servers.

352 Managing Security