(For a short video about this topic, click here.)
User Account Types
There are two user account types in OmniCenter: web and cloud. Only SuperAdmins (see below) may view and manage user accounts.
Web users are accounts that access OmniCenter through a web browser. Web users are managed on the User Administration page (Administration → Users → Edit/Add web Users).
Cloud users are accounts who access OmniCenter through the mobile application cloud interface. Cloud user accounts are automatically created the first time a web user logs in to OmniCenter using its mobile application. However, cloud user accounts are not in any way tied to a web user account. Cloud users are managed on the OmniCenter Cloud Services Dashboard (Administration → System → Cloud Services).
User Permissions Level
OmniCenter user accounts can be assigned one of four permissions levels. The different levels restrict access to tools in OmniCenter that are appropriate to each level. A user must be assigned a permissions level when the account is created. However, the permissions level can easily be changed at any time, thereafter. The four levels of permissions are outlined below.
This is a “read-only” permission level. A user account at this level can only view tools and reports for devices within their user partition group (if one is assigned). Users can acknowledge service, host and threshold alarms. This permission level is intended for the typical OmniCenter user.
A user with this permission level can view all normal user reports and tools, as well as some reports and tools that are at a higher permission level. This includes security tools (such as port scanners) as well as the ability to view and compare device configurations. Power Users can acknowledge service, host and threshold alarms. This permission level is intended for more advanced normal users who are not using OmniCenter in an administrative capacity. Power users can only ever see tools and reports for devices within their user partition group (if one is assigned).
They do not have access to the administration or configuration of individual devices or alerts within OmniCenter.
A user with this permission level can view any user-level tools, as well as edit any of the monitoring, polling and threshold configurations for any devices within their user user partition group (if one is assigned). Admins can also push device configurations to devices in their user partition. This permission level is intended for users who oversee other OmniCenter users.
Admins cannot view or edit anything for devices that are not within their specific user partition group.
This is a “root” user that can do anything. This permission level is intended for users who will be administrating OmniCenter itself. A SuperAdmin can view and edit anything configured in the appliance; as well as add devices, define user partitions and manage other users. SuperAdmins cannot be restricted to a user partition. It is recommended to limit the number of users to whom you assign this permission level.
A user partition is a feature used to restrict which devices a user can see and interact with within OmniCenter.
Within an enterprise environment, partitions are useful for filtering out devices from a user’s view that are outside the realm of their responsibility. While, in a service provider environment, partitions allow a service provider to produce comprehensive reports for customers while also preventing them from seeing devices outside of their service environment.
Users that have a partition assigned to their account can only view and interact with the devices that are also assigned to that partition. Users with no partition assigned to their account have an unrestricted view into every device being managed by OmniCenter.
Users can have a partition assigned to their account at any time, and can also be moved between partitions easily, if necessary.
User partitions are managed on the User Partition Administration page (Administration → Users → User Partitions).
Users can have a custom dashboard assigned to their account to act as their “home” dashboard (in place of the default Consolidated Dashboard).
Assigning a custom dashboard to a user account is useful when utilizing role-specific custom dashboards. A user with a custom dashboard assigned to their account is taken straight to their custom dashboard after logging in, without being required to navigate to it from the Consolidated Dashboard, as is the norm. The “home” icon also returns the user to their custom dashboard when clicked, instead of taking them to the Consolidated Dashboard.
Users with a custom dashboard assigned to their account can still view the Consolidated Dashboard using the “Quick Views” main menu entry.
Custom dashboards are managed on the Customize Dashboards page (Administration → Users → Custom Dashboards).
Preconfigured User Accounts
OmniCenter comes with two preconfigured user accounts, “administrator” and “basicuser.” These are not intended for general use, and under normal circumstances should not be used to log in to OmniCenter.
The “administrator” account is the default SuperAdmin account used when first setting up OmniCenter. (Note that despite its name, the “administrator” account is of permission level SuperAdmin.) This account is intended for initial administration of the OmniCenter appliance only. It is recommended that new SuperAdmin accounts be immediately created for the individual(s) who will be administrating OmniCenter itself. This provides accountability in the form of logged activity for individually identifiable accounts.
The “basicuser” account is used to set permissions for pass-through authentication from the OmniCenter Overview product (if you don’t use the Overview product, you can safely ignore this account). It is recommended that all OmniCenter users be assigned personal accounts from which to work, and that these preconfigured accounts not be used for day to day activities. This allows OmniCenter’s audit log to provide accurate accounting details on user actions.
User Login Authentication
For information on managing the authentication mode used for web user login, see User Login Authentication Modes.