Configuring Tachyon users, roles and management groups.

Settings can be reached directly using the following URL:

https://<tachyon DNS Name FQDN>/Tachyon/App/#/platform/

where <tachyon DNS Name FQDN> is the one set up during the preparation phase, as described under the heading Preparation: DNS Names.

In this section...

Users and Groups page

The Users and Groups page lets you view and manage current Tachyon users, from this page you can:

  • Add new users and groups
  • Reactivate deactivated users and groups
  • Deactivate selected users and groups
  • Remove users and groups
  • View the details for particular users, groups and set their roles.

Roles page

The Roles page lets you view system roles and currently defined custom roles. From here you can, edit Role permissions and go into each role to set its users and group assignments and any associated management groups.

Configuring Access Rights - tutorial

A quick tutorial on configuring access rights for Tachyon. Using a scenario where access to Tachyon will be managed through Active Directory groups, the tutorial illustrates the general setup required and the particular steps needed to add Tachyon users.

In this tutorial

In this tutorial we demonstrate a process for creating Active Directory (AD) managed permissions to the Tachyon portal. We use specifically created AD groups for each of the Tachyon system roles and create Tachyon users for each one, we then define a custom role for a specific Instruction Set and create a Tachyon user with an existing AD group that provides access to running actions in the Instruction Set.

Example AD group a Tachyon system role

As mentioned in Users and Groups page: Tachyon users, we recommend that the AD security groups used for defining access to the Tachyon portal features are defined as Universal groups. The picture opposite shows an example AD Finance_Group_Administrator security group intended for a Group administrator Tachyon role. In our example, the Finance_Group_Administrator AD group is for workstation administrators of an AD OU called Finance.

Example Universal Group

Users and Groups page

Management Groups page

Management Groups are containers used to group devices and the software installed on those devices. Management Groups are defined using configurable rules that look at various properties of the devices and their installed software, these are then evaluated to determine the group membership. This means that Management Group membership adapts to changes to the devices and software in your environment.

Management Groups - tutorial
In this tutorial

In this tutorial, we add a number of Management Groups for the ACME organization: one that uses the name of the devices and several that use the Organizational Unit (OU) the devices belong to. The following picture shows what we have in our example Active Directory and how this will appear as Management Groups in Tachyon. Here you can see there are two servers in the AD Computers group, an additional Domain Controller server and five workstations in the OU.

By the end of this example, you will have added six Management Groups in addition to the default All Devices Management Group:

  • All Devices - this Management Group brings all devices into a single Management Group
  • Servers, Workstations, Executive, Support, Sales and Finance - these Management Groups will use an OU rule to separate the devices according to the OU they belong to.
If you want to take advantage of your  Configuration Manager database and pull in its inventory and usage data, so that you can mirror your Active Directory OU structure in your Management Groups, you'll need to configure a System Center Configuration Manager connector  in your Tachyon system.

Management groups

Assignments page

The Assignments page lets you view and manage current assignments for Tachyon roles, management groups, users and groups, from this page you can:

  • View all current assignments
  • Add new assignments
  • Remove current assignments.

Assignments Overview