Managing Users and Groups

Users and Groups are managed from the Admin area of ProVision, under the Users tab. Both Global and Resource level groups are shown. 


Users Overview

A User is defined as a single login account that accesses ProVision. In the Users section, users may be added, edited, assigned to groups, have password information reset, or be removed. 

Creating/Editing User Accounts

Add Users by click on the "Add User" button at the bottom of the "Users" section of the page. The Edit User dialog will pop up. 

You can also bring up the same dialog to edit a user's information by clicking on the Action Menu (wrench icon) at the end of the row for the user.

When creating or editing User accounts, you will be presented with the following options. 

You may enter or edit the Username, First Name, Last Name, whether to enable help bubbles, and select one or more permissions groups to which to assign the user. 

When assigning users to multiple permissions groups, be sure to review the group permission details to ensure that they do not conflict with eachother!

Setting/Resetting User Passwords

When you click on the padlock icon, you will be presented with options to set a new password and/or send a password reset email to the intended user account.

From here, you can choose a new password, or use the automatically generated random password. 

If you select the checkbox next to "Send email?", email fields will appear that may be edited as desired. When complete, hit "Send". 

Removing a User

To remove a user from the Users list, click on the red circle "delete" icon next to that user. 

Groups

ProVision administrators can also create permission groups to assign users to. This allows more control over user roles.

A Group has four elements associated with it: 

Users: The Users that are assigned to the group, and will be limited by the selected permissions.

Resources: Resources access may be set to Global TLR (applies to all resources), or to the level of individually selected resources. 

Functional Area: The ProVision functional area (IPAM, Resources, Peering, etc) for the selected resource(s) that permissions are set under. 

Permission Level: Create, Read, Update, and Delete (C/R/U/D) permissions may be set under each functional area for each resource selected. 

In the example above, the group “MyGroup” allows the users Bob Smith and Jane Doe to only read IPAM and DNS data for the Resource  “Awesome Co”.

Through the use of these four elements, Groups can create permissions structures that are as flexible as you need. 

Default Groups

Two default groups are available initially in ProVision:

  • Global Admin (May not be edited or deleted)
  • Global Read-Only

These Global groups allow for access to the entire ProVision platform. You may add additional Global groups by creating a new group using the TLR (Top Level Resource). You may also add detailed resource level group permissions by selected individual resources.

For more detail on top-level and resource permissions, see Global Permissions and Resource Permissions.

Overlapping group and user permissions

Permissions are inherited based on the hierarchy of the objects, unless you specify a different permission!

Add or Edit a Group

New Groups can be created by ProVision administrators by pressing the green "Add Group" button. To edit a group, you may click on the Action Menu (wrench icon) for the group.

After hitting the "Add Group" button or wrench icon, the Group Information screen will pop up. 

Add in the name of the new group, and set the permissions for that group by defining the resource(s) in the dropdown menu, checking the functional areas that you want accessible.

Click "Show Details" to fine tune the functional areas into Create/Read/Update/Delete level permissions.

To add permissions for additional Resources, click "Add More Group Permissions", select the Resource, and check the desired permissions.

To delete a Resource from the permissions list, simply click the red icon. 

In the example below, we make a group called "Some Lab Group", whose users we want to be able to access two resources: 6connect Labz and 7connect Labs. These users will be working extensively in IPAM and Resources, so we give them full access to those areas of ProVision. However, we also want them to view other information, but not edit it. We click on "Show Details" to fine-tune the permissions, and then check the "R" column under Peer and User. 

Click "Save" when complete. After adding the group, you can add users to the group by selecting the group when editing a user account.

Removing a Group

To remove a user from the Users list, click on the red circle "delete" icon next to that user. 


Note: Users cannot edit or delete permissions for the Group to which they currently belong, unless they are also a member of the default Global Admin Group.



Additional Information

For more information on Users and Groups, see the following areas:

Users & Permissions

Global Permissions

Resource Permissions

Verifying Permissions


  • No labels