NEW!
This feature is new in Arellia v8.1.
AMS Administrators Membership Required
You must have Full Access rights to modify or clone a security descriptor; AMS Administrators members have Full Access rights. If you are not a member of the AMS Administrators role, then contact a member of that group to apply these changes.
The Resources that a user has access to can be restricted to a limited scope. This is often referred to as Resource Scoping. In the Arellia Management Server this is typically accomplished by scoping the resources that a user has access to by using Active Directory organizational units or groups. There are 2 steps to enable resource scoping:
After the scoping has been enabled and configured then reports and pickers in Arellia will automatically be scoped to show only what the logged in user has access to according to their AMS Application Role.
Enable Resource Scoping on a Resource Type
To enable Resource Scoping in Arellia, do the following:
- Open the Configuration Tab of the Arellia Security Manager
- Navigate to Settings > Configuration > Resource Settings > Resource Types
- Select the Resource Type that you want to scope
- Then select the Security Scope Set
- To use Active Directory scoping, select Active Directory Domains
- Save the Resource Type
Set the Security on the Scoped Resources
- Open the Resources Tab
- Navigate to an Organizational Unit or Group that contains the resources to be scoped
- Right-click and select Properties
- Click the Security tab.
- Select Security descriptor and click the Select... link.
- Click the security descriptor you want to use.
- Click Save.
- Repeat these steps for each of the Scoped Resources