Cisco Cisco Unified Operations Manager 8.0 White Paper
© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 64 of 70
The view for Joe when he accesses the group /CS@IPCOM-DEMO5/System Defined Groups/Routers/Cisco 7200
Series Routers/Cisco 7204 Router is shown in Figure 21.
Figure 21. Device Group View
Joe sees only device 172.20.118.47 in the group, and Frank’s login allows Frank to see only device
172.20.118.48.
Note:
If the Operations Manager server is using Access Control Server mode and you want to provide access
to a cluster for any user, all the devices in the cluster must be explicitly added into the ACS configuration for that
user. It should include Unified Communication Managers, gateways, Unity devices, gatekeepers, and so on.
Why Do We Need to Create a New Role in ACS?
In ACS, the administrator can assign only one role for a user in a network device group. If a user requires
privileges other than those associated with the current role to operate on a Network Device Group, a custom role
should be created. All necessary privileges to allow the user to operate in the Network Device Group should be
given to this role.
For instance, if a user needs both Approver and Network Operator privileges to operate on NDG1, you can create
a new role with Network Operator and Approver privileges, and assign the role to the user, so that the user can
operate on NDG1.
How to Create a New Role in ACS
To create a new role in ACS, do the following:
Step 1. Log in to ACS.
Step 2. Click Shared Profile Components (Figure 22).