SummaryConfiguring Tachyon users, roles and management groups.
Settings can be reached directly using the following URL:
where <tachyon DNS Name FQDN> is the one set up during the preparation phase, as described under the heading Preparation: DNS Names.
In this section...
The Users page lets you view and manage the current users of Tachyon. From this page you can:
- Reactivate deactivated users
- Deactivate selected users
- Add new users
- Remove users
- View the details for particular users and set their roles.
The Roles page lets you view the system roles and currently defined custom roles. From here you can also go into each role to set its membership and any associated management groups.
A quick tutorial on configuring access rights for Tachyon. Using a scenario where access to Tachyon will be managed through Active Directory groups, the tutorial illustrates the general setup required and the particular steps needed to add the necessary Tachyon users.
Management groups are containers used to group devices and the software installed on those devices. Management groups are defined using configurable rules that look at various properties of the devices and their installed software, these are then evaluated to determine the group membership. This means that Management group membership adapts to changes to the devices and software in your environment.Management groups are used by Tachyon to:
- Determine the targets for questions, actions and reporting.
- Determine user permissions for targeting on particular devices based on Management group membership.
In terms of permissions for determining how Tachyon users interact with the devices in your network, Management groups work alongside Instruction sets.
In Tachyon Platform 5.2, Management Groups are created in two different ways:
- Rule based - the Management groups page lets you add, edit, delete and evaluate management groups that are based on rules - once created these appear in the Management groups page marked with an RB icon.
Direct based - these use scripts to create management groups by importing lists of devices using FQDN names only - once created these appear in the Management groups page marked with a DB icon.This type of Management group has no associated rules and cannot be edited and evaluated from the Management groups page.
Both types of Management group have the following properties:
- Each device known to Tachyon can be assigned to any number of management groups, or be left unassigned. Devices not assigned to any management group will still be accessible, subject to permissions.
- Roles can be associated with specific management groups, so that users with those roles will only be able to target the devices in their management groups.
- Management groups can only contain devices, and they are completely independent of any other management group, even if they contain the same devices.
- Each Management Group must have a unique name which is not case-sensitive.