Configure Share Policy
Contents
Share Policy refers to the mechanism of authorizing roles and privileges to all users within a tenant. Users can access multiple domains concurrently with different roles assigned.
1.Log in to the Domain Management page.
2.In the Domain Management page, select Operations > Share Policy from the quick access toolbar. The Share Policy tab lists all users who have access to the current tenant.
3.Select a user to assign domain access and more privileges by role.
Note: If you have defined any device access policies, you can assign them to users. See Device Access Policy for more details.
4.Click Apply.
The system provides the following pre-defined roles, and the default privileges of each role are listed as follows.
Privileges |
Explanation |
Domain Admin |
Power User |
Engineer |
Guest |
Network Change Creator |
Network Change Executor |
Network Change Approver |
Portal Temp User |
|---|---|---|---|---|---|---|---|---|---|
Domain Management |
Log in to the Domain Management page and do the following domain management tasks: ▪View, export, and delete discovery report in the Fine Tune ▪Add network definition ▪View, add, modify, delete, and disable topology links in the Topology Link Manager ▪Resolve duplicated IPs and subnets in the Duplicated IP and Subnet Manager ▪Add checkpoint OPSEC tasks in the Checkpoint OPSEC Manager ▪Configure network security settings and L2/L3 topology building options ▪Configure a desktop profile for all users under a domain |
√ |
√ |
|
|
√ |
√ |
√ |
|
Share Policy Management |
Configure share policy (assign domain access and privileges to other users in this domain) |
√ |
|
|
|
|
|
|
|
Device Management |
▪Add, modify, and remove MPLS cloud ▪Remove devices from a domain |
√ |
√ |
|
|
√ |
√ |
√ |
|
Only system/tenant administrator can edit built-in files in the shared folder of Device Group, Qapp, Gapp, Parser, Dashboard Widget and Template, and Runbook Template |
√ |
√ |
√ |
|
√ |
√ |
√ |
|
|
Site Management |
▪Add MPLS clouds and unclassified network devices from the Fine Tune to a site ▪Open the Site Manager to do site management, such as creating, editing, deleting, importing, committing, and rebuilding sites |
√ |
√ |
|
|
√ |
√ |
√ |
|
Discover/Tune Network Device |
▪Create a do-not-scan list ▪Add discovery tasks from the Start Page or the Schedule Task page ▪Rediscover selected IPs and devices in the Fine Tune ▪Tune live access ▪Run on-demand discoveries |
√ |
√ |
|
|
√ |
√ |
√ |
|
Schedule Benchmark |
Add benchmark tasks from the Start Page or the Schedule Task page |
√ |
√ |
|
|
√ |
√ |
√ |
|
Manage Network Settings |
Configure and manage shared network settings |
√ |
√ |
|
|
√ |
√ |
√ |
|
Manage Device Settings |
Configure and manage shared device settings for each device in a domain from the following entries: ▪Site pane ▪Map ▪Fine Tune ▪Discover ▪Tune Live Access |
√ |
√ |
√ |
|
√ |
√ |
√ |
|
Access to Live Network |
Retrieve live device data from the network, which includes: ▪Run CLI commands and Qapps on a map page or in a runbook ▪Run monitor (Qapp-based) widgets and retrieve live data in static widgets in a dashboard ▪Retrieve variables once or monitor variables periodically from the live network in Instant Qapp ▪Calculate live paths (use the live network as the data source) ▪Browse live access logs |
√ |
√ |
√ |
√ |
√ |
√ |
√ |
√ |
Create Network Change |
Create network change tasks |
√ |
√ |
|
|
√ |
|
|
|
Execute network change tasks |
√ |
√ |
|
|
|
√ |
|
|
|
Approve Network Change |
Approve network change tasks |
√ |
√ |
|
|
|
|
√ |
|
View Network Change |
View network change tasks |
√ |
√ |
|
|
√ |
√ |
√ |
√ |
Map Layout Management |
Associate layout styles with site maps and shared device group maps |
√ |
√ |
|
|
√ |
√ |
√ |
|
Variable Mapping Management |
View and manage variable mappings |
√ |
√ |
|
|
√ |
√ |
√ |
|
Run Qapp |
Run and schedule Qapp tasks |
√ |
√ |
√ |
|
√ |
√ |
√ |
√ |
Golden Baseline Manual Definition |
Define golden baseline manually |
√ |
√ |
√ |
|
√ |
√ |
√ |
|
Golden Baseline Dynamic Calculation Management |
Enable or disable dynamic calculation to set golden baseline |
√ |
√ |
|
|
|
|
|
|
Manage SPOG URL |
View and define SPOG URL |
√ |
√ |
|
|
|
|
|
|
Portal Management |
Manage function portals |
√ |
√ |
|
|
|
|
|
|
Private Resource Management |
Manage private resources including: ▪Qapp ▪Gapp ▪Parser ▪Data View Template |
√ |
√ |
√ |
|
√ |
√ |
√ |
|
Primary Probe Management |
Create, read, update, and delete Primary Probes |
√ |
√ |
|
|
|
|
|
|
Secondary and External Probe Management |
Create, read, update, and delete Secondary and External Probes |
√ |
√ |
√ |
|
√ |
√ |
√ |
|
Adaptive Monitoring Polling Control |
Manage Adaptive Monitoring Polling including: ▪Adjust polling frequency ▪Configure blocking time ▪Configure polling delay |
√ |
√ |
|
|
|
|
|
|
Triggered Intent Management
|
▪Install Triggered Intent ▪Edit Execution Tree |
√ |
√ |
√ |
|
|
|
|
|
Schedule CLI Command
|
Add Schedule CLI Commands |
√ |
√ |
√ |
|
√ |
√ |
√ |
|
Run Ansible Task
|
Execute Ansible Task node in Network Change (CM) and Runbook |
√ |
√ |
√ |
|
|
√ |
|
|
See also:
▪Defining Device Access Policy