Managing security in the NightWatchman console

NightWatchman security lets you control who has access to specific NightWatchman features (it relies on the account information provided by the Active Directory). With NightWatchman, you can:

  • Add new users or groups
  • Delete users or groups
  • Add new security roles
  • Change permissions for security roles
  • Assign security roles to users or groups
  • Delete security roles
  • Set viewing and access options for the group hierarchies

Adding new user or group security accounts

To add a new user security accounts:

  1. In the Security section, select Users and Groups tab.
  2. Click the Add button.
  3. In the Select Users or Groups dialog, type the name of the user or group.
  4. Click the Check Names button to search the AD for the user or group.
  5. Click the OK button to create the security account.

Details for the account are sourced from the AD.

(question) Click here for a tutorial.

On this page:

Deleting users or groups

To delete an existing user or group security account:

  1. In the Security section, select the Users and Groups tab.
  2. Select the account you want to delete.
  3. Click the Delete button.
  4. If the warning option is turned on the Confirm Delete dialog is displayed. Click Yes to delete or No to cancel.

(question) Click here for a tutorial.

Turning off the deletion warning dialog

To prevent NightWatchman from displaying the deletion warning dialog every time you delete a power scheme, power policy, tariff, security role or security account, check the Don't ask me again checkbox, located on the warning dialog itself.

Before checking this box, make sure that you definitely do not want the deletion warning dialog to appear as deleting a NightWatchman Console Power Scheme cannot be undone.

Adding new security roles

To add a new security role:

  1. In the Security section, select the Roles tab.
  2. Click the Add button
  3. In the Add Security Role dialog, enter a name and description.
  4. Click OK to save the new security role.

After creating the new security role you will need to define the permissions for it.

(question) Click here for a tutorial.

Changing permissions for security roles

To change permissions for security roles:

  1. In the Security section, select the Roles tab.
  2. Select the role you want to amend.
  3. Check or uncheck the checkboxes for the permissions you want this role to have.
  4. Click Apply to enable the new permissions or Discard to revert the permissions to their original settings.

    PermissionsNotes

    Launch Console

    With this permission, users can launch the NightWatchman Console.

    Users must already have this permission before they can be granted any other permission.

    Clients
    With these permissions, users can access group hierarchies. The following permissions can be applied to the Location or Organization hierarchies individually:
    • View – users with this permission can view the group hierarchy subject to specific permissions assigned to the group hierarchy.

      Users must already have this permission before they can be granted the View All or Modify permissions.

    • View All – users with this permission can view the group hierarchy regardless of any specific permissions assigned to the group hierarchy.
    • Modify – users with this permission can modify the group hierarchy i.e. adding/deleting/renaming groups and moving/removing computers of group.
    • Queries – this enables the user to access the Queries tab.
    • Change Security – this enables users to define access for others by setting permissions on location and organization groups. This permission becomes available only when one or more of the View checkboxes are checked.
    If not all view permissions are selected a security warning will appear. This indicates that allowing access to the Query tab may expose information that would otherwise have been hidden based on the restrictions of the role. For example, if a role does not allow a user to see information about power policies, enabling access to the Query tab potentially will allow that user to display information related to power policies.

    This not only applies to different areas of the console that the user may have permissions to but also to the areas of the hierarchy that the user may have permissions for. A user may not be able to view the New York section of the hierarchy but will be able to run a query that may return information about the New York computers.
    Power Schemes
    With these permissions, users can access power scheme properties as follows:
    • View – users with this permission can view power schemes.

      Users must have this permission before they can be granted the Add, Edit or Delete permissions for Power Schemes.
    • Add – users with this permission can add new power schemes.
    • Edit – users with this permission can edit existing power schemes.
    • Delete – users with this permission can delete existing power schemes.
    Power Policies
    With these permissions, users can access power policy properties as follows:
    • View – users with this permission can view power policies.

      Users must have this permission before they can be granted the Add, Edit or Delete permissions for Power Policies.
    • Add – users with this permission can add new power policies.
    • Edit – users with this permission can edit existing power policies.
    • Delete – users with this permission can delete existing power policies.
    Power Consumption
    With these permissions, users can access power consumption properties for desktops, laptops and monitors as follows:
    • View – users with this permission can view the items in the power consumption tab.

      Users must have this permission before they can be granted the Edit permission for Power Consumption.
    • Edit – users with this permission can edit power consumption data in the chassis and monitor tables.
    Tariffs
    With these permissions, users can access tariffs properties as follows:
    • View – users with this permission can view tariffs.

      Users must have this permission before they can be granted the Add, Edit or Delete permissions for Tariffs.
    • Add – users with this permission can add new tariffs.
    • Edit – users with this permission can edit existing tariffs.
    • Delete – users with this permission can delete existing tariffs.
    WakeUp Servers
    With these permissions, users can access WakeUp Servers properties as follows:
    • View – users with this permission can view WakeUp Server properties.

      Users must have this permission before they can be granted the Edit or Delete permissions for WakeUp Server.
    • Edit – users with this permission can edit existing WakeUp Server properties.
    • Delete – users with this permission can delete existing WakeUp Server properties.
    Settings
    With these permissions, users can access settings properties as follows:
    • View – users with this permission can view settings properties.

      Users must have this permission before they can be granted the Edit permission for Settings.
    • Edit – users with this permission can edit existing settngs properties.
    Security
    With these permissions, users can access security properties. You can set specific permissions for the Users and Groups or Roles tabs.
    • View – users with this permission can view security properties for users and groups as well as roles.

      Users must have this permission before they can be granted the Add, Edit or Delete permissions for Security.
    • Add – users with this permission can add new users and groups as well as roles.
    • Edit – users with this permission can edit existing users and groups as well as roles.
    • Delete – users with this permission can delete existing users and groups as well as roles.
    Launch Import WizardWith this permission, users will be able to run the data Import Wizard.

(question) Click here for a tutorial.

Assigning security roles to users or groups

To assign security roles to users or groups:

  1. In the Security section, select the Users and Groups tab.
  2. Select the user or group from the list to assign the role to. Unassigned roles are identified by the (error) icon.
  3. Click the (error) next to the role to assign it to the user or group.

(question) Click here for a tutorial.

Deleting security roles

To delete an existing security role:

  1. In the Security section, select the Roles tab,
  2. Select the role you want to delete.
  3. Click the Delete button.
  4. If the warning option is turned on, the Confirm delete dialog is displayed. Click Yes to delete or No to cancel.
  5. If the role is associated with a user or group, another Confirm delete dialog is displayed indicating that the security role is use. Click Yes to delete or No to cancel.

(question) Click here for a tutorial.

To prevent NightWatchman from displaying the deletion warning dialog every time you delete a power scheme, power policy, tariff, security role or security account, check the Don't ask me again checkbox, located on the warning dialog itself.

Before checking this box, make sure that you definitely do not want the deletion warning dialog to appear as deleting a NightWatchman Console Power Scheme cannot be undone.

Setting viewing and access options for group hierarchies

To set viewing and access options for group hierarchies:

  1. In the Security section, select the Roles tab.
  2. Define a security role with the View (but not the View All) permissions.
  3. Select the Users and Groups tab.
  4. Assign the security role to the user or group.

An administrator with Change Security permissions must set the security properties for the node in either the Location or Organization hierarchies in order of the user or group to view that it. To do this:

  1. In the Clients section, right-click your mouse on the node.
  2. Select Properties from the menu.
  3. Click the Security tab in the Properties dialog.
  4. Select the user or group from the list.

(question) Click here for a tutorial.