Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Open-AudIT ships with inbuilt roles for admin, org_admin , and user and reporter.

Generally, a user who is an administrator of the Open-AudIT application itself should have admin and possible org_admin roles.

...

The admin role allows access to collections such as baselines, configuration, database, groups, ldap servers, logs, queries and roles. Global items that affect the entire application.

The org_admin role usually allows create, read, update and delete actions for any collection that contains the org_id column. Virtually all data except some of the collections mentioned above will contain an org_id column.The reporter role allows the creation of baselines, licenses and queries.

The user role generally allows read only access to all items with an org_id column.

...

Don't forget you have granular control over what users can see and do using Roles in Enterprise.


Their OrgIDs and any descendantsTheir OrgIDs onlyTheir OrgIDs, descendants and ascendants

applications

baselines

baselines_policies

buildings

clouds

clusters

collectors

connections

credentials

devices

discoveries

discovery_log

floors

integrations

ldap_servers

licenses

locations

logs

networks

orgs

rack_devices

racks

rooms

rows

search

tasks

users

configuration

database

errors

help

nmis

san

test

util

dashboards

discovery_scan_options

fields

files

groups

queries

reports

roles

rules

scripts

summaries

widgets

Active Directory and OpenLDAP

...

Note - A user may have access to a query from Default Org, but that is the query itself , not the result. The result will only show devices that the user has access to - IE their own and descendant Orgs devicesdevices from Finance A and Dept A, B & C.