103
PerleVIEW User Accounts
PerleVIEW User Accounts
Menu Selection: PerleVIEW User Accounts
Minimum Required Authorization: PerleVIEW Administrator
PerleVIEW uses a concept of authentication for logging users into PerleVIEW and a concept of
authorization for giving users and groups access rights to target devices. PerleVIEW uses Windows
authentication to control users logging into PerleVIEW. Authorization for accessing target devices is
done through adding a user or group and assigning (PerleVIEW Administrator, Device Admin,
Device Operator, Device View) rights to that user or group. By giving users or groups PerleVIEW
Administrator privileges, these users and groups will automatically have Device Admin access to
target devices.
Authentication
Authentication is based on the mode of operation you select. PerleVIEW can operate in one of two
modes for authentication of users.
Windows Mode
In this mode, the username and password which you enter on the login screen will be
authenticated against the Windows Server User Accounts. If successfully authenticated, you will
be granted access to PerleVIEW.
Once authenticated, PerleVIEW will create a “virtual” user record in its database for this
username (if a record does not already exist). A virtual user is a user which was dynamically
added by PerleVIEW as opposed to one that was manually configured by the PerleVIEW
administrator. “Virtual users” are shown in italics in the User Account log and they will have
Device View Access only, unless they are associated with a user group or groups. If this is the
case, they will be given the authorization which is associated with this group or groups.
PerleVIEW administrators will have access to see virtual user’s attributes, log the user out or
convert the virtual user to a normal user.
PerleVIEW/Windows Mode
In this mode, in order to be granted access to PerleVIEW the username/password must first be
authenticated by the Windows Server. If this is successful, PerleVIEW will next verify that the
username also exists in the PerleVIEW user database. If both conditions are valid, only then is
the user granted access to PerleVIEW. This mode of operation allows the PerleVIEW
administrator to control which Windows users will be granted access to PerleVIEW.
Authorization
Authorization is the process of assigning PerleVIEW and device rights (PerleVIEW Administrator,
Device Admin, Device Operator, Device View) to individual users or to a group. The easiest way to
add and maintain authorization rights to target devices is to create groups. Creating groups within
PerleVIEW will allow you to assign PerleVIEW and device access (PerleVIEW, Device View,
Device Operator or Device Administrator) to that group. Assigning a user to a group is done via the
Windows Server User Account settings. Create the same group name under the Windows Server User
Accounts then you can add or delete members from this group on your Window Server. When a user
logs in, the Windows Server will notify PerleVIEW as to which groups this user is associated with.
PerleVIEW will use that information to look for these groups on its database and extract the
associated PerleVIEW and device access rights from that group definition and assign them to the
user.