User Roles & RBAC
User creation and assigning Roles
The platform provides various user roles, so that only authorized users can perform the required tasks. As part of the cfxOIA installation, the platform administrator is created.
This section provides guidelines on how to manage users and assign user roles so that only authorized user can access the relevant functionality of cfxOIA.
cfxOIA allows creation of custom roles and allow access at page level. The following are some of the sample users. The Platform Admin is always the first user created as part of platform provision.
The following default roles are provided by the platform.
- 1.Project Administrator: A Project administrator administers and configures the projects. The project administrator will have access to 3 core applications of cfxOIA - Ops Intelligence & Analytics, Configuration and Users.
- 2.OIA User - Overall OIA application super user with project administrator access like configuration or user management. Access to OIA application with restrictions at project level.
- 3.IR User - Incident Room User (access to Incident Room functionality only)
- 4.L1 User - Level 1 User
- 5.L2 User - Level 2 User
cfxOIA allows to create either local user or connect and authenticate users with LDAP (Lightweight Directory Access Protocol).
Login as Platform Administrator.
Click on 'Users' application on the Featured Applications. The existing Users summary is displayed. Click '+' to create new user.
If Users are authenticated using existing LDAP providers, make sure 'Remote' on user creation is checked on. The user creation form do not capture password, as it is no longer relevant.
The user creation form captures the following information.
Remote User When users are authenticated using LDAP protocol, make sure it is checked.
User ID Enter User Id (needs to be unique and one common form is using user's email id).
Password Enter a password which the user can change later.
Confirm Password Re-enter password to match to above password
Role Select Role from drop-down (some examples are AIOps User, Project Admin, Incident User, Network User, etc)
First Name User First Name
Last Name User Last Name
Select Organization From the list displayed, select the organization(s) the user has access.
Please note in current version of cfxOIA application, on user creation view; Project is displayed as Organization (ex: Select Organization). There is no difference between a Project and an Organization within the product and used interchangeably.
Once local user is created, the user type is not changeable for example to Remote User.
From Users application view, select user and the context menu allows 'Assign Organizations', 'Edit User' and 'Delete User'. By selecting assign organization, the user can be reassigned to different organization(s) or add to new organization. Edit User allows to edit user details including changing user role and Delete User allows to delete the user.
CloudFabrix do not recommend deleting a user. It should be used with care.