6.8.1.5 Managing Custom View Scopes

Setting Custom View Scopes (CVS) for groups enables you to filter the objects that are to be displayed in the WebNMS Clients and on which a user is permitted to do the respective authorized operations. By specifying the custom view scope criteria, you can ensure that users can view only the data for which they have authorization to perform these operations.

This section provides step-by-step instructions for the following tasks:

Adding Authorized Custom View Scopes

You can add an authorized Custom View Scope to a group to ensure the members of a group can view only the authorized data.

To add a custom view scope

In the Application Client, perform any of the following procedure.

From Tools menu, choose Security Administration.

Press Alt+S.

The Security Administration window is displayed.

From the Security tree, click the desired group.
Click Custom View Scope for Group tab on the right side.
From Custom View Scope Name drop down box, choose the module.
Click Add AuthorizedScope. The Scope Settings dialog box is displayed.
Enter the Authorized Scope Name in the Name field.
From the Name drop-down box, select the Property name. This drop-down box lists the property names (which can be used for creating the authorized scopes) specific to each of the Custom View Scope. For instance, selecting the Events Custom View Scope and clicking Scope Settings, provides you with the property names of Event Objects.
Enter the value for the property in Value field. To identify more than one property value, separate each value according to the appropriate operator in the following Value Operators table:

Value Operator	Description
* (Asterisks)	Use asterisk to filter on a match of zero or more characters. Example: To view all objects starting with the name test, set the property key as name and the value as test*.
! (Exclamation Mark)	Use exclamation mark to filter the search using the NOT operator. Example: To view all objects whose names do not start with test, set the property key as name and value as !test*.
, (Comma)	Use comma to filter objects where a single property key has different values. Example: To view all objects with names starting with abc or xyz, set the property key as name and value as abc,xyz.
&& (Ampersand)	Use ampersand to filter objects where a single value should be matched with many patterns. Example: To view all objects with names starting with abc and ending with xyz, set the property key as name and value as *abc&&xyz*.
\ (Back Slash)	Use back slash to filter objects when the name of the object itself contains a comma. This character is called an escape sequence because it avoids searching for objects, as if they had two different names. Example: To view an object with name a,b, set the property key as name and the value as a\,b.
<between> value1 and value2	Use greater than and less than signs to filter objects with numeric values within a specific range. Example: If object names with a poll interval value ranging between or including 300 and 305 are required, set the property key as pollinterval and value as <300 and 305>. Note that the first number is smaller than the second number. Only the values in between the given values, including the limits, are matched.

Click Add. This adds the Authorized Scope for the selected Custom View Scope of the group. You can add more than one property criteria based on your requirement.
On adding the properties, click Ok for making a permanent store.

Top

Assigning Authorized Custom View Scopes

After you have created an authorized Custom View Scope for a group, you can assign it to other groups as necessary.

To assign an authorized custom view scope

In the Application Client, perform any of the following procedure.

From Tools menu, choose Security Administration.

Press Alt+S.

The Security Administration window is displayed.

From the Security tree, click the desired group.
Click Custom View Scope for Group tab on the right side.
Click Assign AuthorizedScope. The Select AuthorizedScopes window is displayed.
Click the desired Authorized Scope from All AuthorizedScopes and click >.
Click Ok. The selected scopes are displayed in both the All AuthorizedScopes list and in the Selected AuthorizedScopes list.

Removing Authorized Custom View Scopes from Groups

You can remove an authorized Custom View Scope from a group when it is no longer valid for that group. By removing the Custom View Scope, the properties themselves are not changed nor is the Custom View Scope deleted from the database.

To remove an authorized custom view scope

In the Application Client, perform any of the following procedure.

From Tools menu, choose Security Administration.

Press Alt+S.

The Security Administration window is displayed.

From the Security tree, click the desired group.
Click Custom View Scope for Group tab on the right side.
Click Assign AuthorizedScope. The Select AuthorizedScopes window is displayed.
Click the desired Authorized Scope from Selected AuthorizedScopes and click <.
Click Ok.

Top

Changing Authorized Scope Properties

After you have added properties to an authorized Custom View Scope, you can make changes as appropriate.

Note

If you have assigned the authorized Custom View Scope to other groups, any changes to the Custom View Scope will affect those groups as well.

To change an authorized scope properties

In the Application Client, perform any of the following procedure.

From Tools menu, choose Security Administration.

Press Alt+S.

The Security Administration window is displayed.

From the Security tree, click the desired group.
Click Custom View Scope for Group tab on the right side.
Click the Authorized Scope to be modified from AuthorizedScopes for CV list.
Click Set Scope Properties. The Scope Settings dialog box is displayed. For information on adding, modifying, or removing the scope, refer to Configuring Authorized Scope.
Click Ok.

Top

Deleting Authorized Custom View Scopes

When an authorized custom view scope is no longer valid, you can delete it from the database. After this action, you must recreate it if you ever need it again.

To delete an authorized custom view scope

In the Application Client, perform any of the following procedure.

From Tools menu, choose Security Administration.

Press Alt+S.

The Security Administration window is displayed.

From the Security tree, click the desired group.
Click Custom View Scope for Group tab on the right side.
Right-click the Authorized Scope to be deleted from AuthorizedScopes for CV list and click Delete AuthorizedView.

After confirming that you want to delete the Custom View Scope, it is deleted from the database and from any group to which it was associated.

Top