You use the Authorizations -> Users menu to manage the local user accounts of all MUs of the SE server configuration and the attributes of the accounts (exception: service account). Accounts are MU-global, i.e. every account exists on every MU of the SE server configuration and always has the same attributes.
In addition to local accounts, you can also release or lock LDAP accounts for usage on the MUs of the SE server configuration, which are centrally managed on a connected LDAP server (see section "Managing accounts"). The prerequisite for this is that access to an LDAP server has been configured (see section "Access to an LDAP server").
For the administration and operation of the SE server, an administrator or security administrator can assign the following basic roles to the accounts. In addition, user-defined roles can be configured by combining basic roles (except Administrator and Service).
Administrator
BS2000 administrator
BS2000 operator
AU administrator
- Read-only administrator
- Security administrator
- Hardware administrator
- Storage administrator
- Power operator
- IP network administrator
- FC network administrator
- Shadow terminal operator
- OPENSM2 administrator and OPENSM2 information
- OPENUTM administrator, OPENUTM operator and OPENUTM information
- ROBAR administrator and ROBAR operator
- STORMAN administrator and STORMAN information
Service
The SE Manager only displays this role or the user accounts with this role. A service account cannot be administered in the SE Manager.
Detailed information on the various roles is provided in section "Role and user strategy".