Assigning users access to assets

Setting up role-based access control (RBAC) for users is a two-step process. After you add a user or group to a role that contains the appropriate permissions, you must assign the user access to SnapCenter assets, such as hosts and storage connections. This enables users to perform the actions for which they have permissions on the assets that are assigned to them.

About this task

You can assign access to users or groups even if the user or group is not part of a role. This helps you add users or groups; however, you must add the user or group to a role at some point to take advantage of RBAC permissions and efficiencies.

You can also assign credential maintenance to a user.

When you add a new node to a Windows cluster or DAG (Exchange Server Database Availability Group), you should reassign the RBAC user or group to the cluster or DAG to include the new node to the RBAC user or group. For example, you have a two-node cluster and you have assigned an RBAC user or group to the cluster. When you add another node to the cluster, you should reassign the RBAC user or group to the cluster to include the new node for the RBAC user or group.

If you are planning to replicate Snapshot copies, you must assign the storage connection for both the source and destination volume to the user performing the operation. You should add assets before assigning access to the users.

NEED REPLACEMEMENT TEXT FOR: If you are protecting CMs, VMDKs, or datastores, you must use NDAS.

Steps

In the left navigation pane, click Settings.
In the Settings page, click User Access.
In the User Access page, select the type of asset from the Asset drop-down list.
In the Asset table, select the asset, and then click Assign.
Select Domain or Workgroup as the Authentication type.
For Domain authentication type, you should specify the domain name of the user or group to assign users access to assets.
Note: You must register the untrusted domain in the Settings > Global Settings > Domain Settings page.
Select either User or Group.
Enter the user or group name, and then click Add.
If you are not sure about the name, use a more advanced search by clicking the Search users or group heading, typing a partial name, and then clicking Search.
Repeat this procedure until each user or group has access to all of the required assets.
Click OK to save your changes.