none
Rights for particular users to view particular tabs in synchronization service manager RRS feed

  • Question

  • Hi,

    The scenario is - Particular users are to be given rights to view either operations tab only for monitoring purpose,or right to view joiner only or, metaverse designer tab only or, metaverse search tab only or, metaverse agent tab only in Synchronization service manager.

    For this I have made users member of  various groups in AD like to give operations right I have made user sam as member of fimsyncoperators member and fimsyncbrowse member but still the user sam is not able to view the operation tab but is able to see joiner tab and same is the case with making users member of other group. Kindly suggest for this issue.

    Regards,

    Sonal

    Wednesday, June 27, 2012 6:09 AM

All replies

  • Are the groups domain groups or local groups?

    Not sure what you mean but the users do see everything from the synchronization manager or just parts?


    Need realtime FIM synchronization and advanced reporting? check out the new http://www.imsequencer.com that supports FIM 2010, Omada Identity Manager, SQL, File, AD or Powershell real time synchronization!

    Wednesday, June 27, 2012 7:15 AM
  • The groups are domain groups that we initially create after the fim installation as: fimsyncoperators, fimsyncadmins fimsyncjoiners,fimsyncbrowse and fimsyncpasswordset in active directory
    Wednesday, June 27, 2012 9:16 AM
  • If you created the domain groups after the installation of FIM, those aren't the groups that FIM is using.  FIM created local groups for you.  If you want to use domain groups, you must create them before installing FIM, and specifying those groups along with the domain name prefix (DOMAIN\FIM-Operators-SG, for example).  The installer will verify they exist if the domain is specified.  If not it may just create them locally however they are named...I know for sure the default names will get created locally if not altered.

    The groups won't tie users down to particular "tabs" however.  In order to view the Metaverse Designer, I think you'd have to have the Admin role, which grants full access to everything.  The Joiner role should grant access to the Joiner and Metaverse Search.  The info is probably in the help and online documentation, and you can also read about it in Module 2 of the FIM 2010 Ramp Up training.  I did a quick search and couldn't find a consolidated description of the security groups and what each grants access to.  It might make a good wiki article.

    Chris

    Wednesday, June 27, 2012 2:38 PM