Skip to main content
Version: 2.9.0

User Roles Requirements

User Roles Requirements

info

Before setting up user roles in Superna Eyeglass, ensure the necessary prerequisites are met.

  • Confirm Permissions:

    • Administrative rights are required to set up and manage user roles.
    • Ensure that the account used for setup has full admin privileges in Eyeglass. User Management Admin Privileges
    Administrator Access

    ADMIN_STORAGE_QUOTA_REQUESTS: Search and display quotas, bulk limit quota update.

    AIRGAP: View and modify AirGap jobs configuration.

    ANYC_ADMIN: View anycopy jobs for all users. Can create, edit, and run anycopy jobs.

    ALARMS: View and clear alarms.

    APP_REGISTER: Register appliance on the cloud dashboard.

    BACKUP: Create and view backups of the Eyeglass appliance.

    CLUSTER_REPORTS: Create cluster, RPO, and CSM reports and view cluster reports.

    CLUSTER_STORAGE: View the cluster storage dashboard.

    DATA_CONFIG_MIGRATION: View the data config migration dashboard.

    DR_READINESS: View the DR Readiness of the managed devices.

    EASY_AUDITOR_MODIFY: Add and update reports, queries, schedules, and wiretaps.

    FAILOVER_HISTORY: View previous failovers.

    FILE_LOCK_PORTAL: Remove lock from locked files.

    INVENTORY_MODIFY: Add new managed devices or delete existing managed devices.

    JOBS_MODIFY: Start and modify Eyeglass jobs.

    LAUNCH_FAILOVER: Initiate Access Zone, SyncIQ, or DFS failovers.

    LICENSES: View, add, and remove Eyeglass licenses.

    LOGS: View Eyeglass logs.

    LOG_PARSER: Parse user backups.

    NOTIFICATIONS: Configure email, Twitter, Slack notifications.

    PHONEHOME: Modify phone home settings and run phone home jobs.

    RANSOMWARE_DEFENDER: View and configure Ransomware Defender.

    REMOTE_SERVICES: View and update remote Eyeglass services (probes).

    REST_API: Add or delete REST API tokens and define new widgets.

    USER_ROLES: Manage user roles and authentication.

    PERFORMANCE_AUDITOR: View Performance Auditor window.

  • Active Directory (AD) Authentication Provider:

    • The PowerScale OneFS's system zone must have an AD authentication provider added to validate passwords and retrieve AD group membership from AD.

  • Verify PowerScale OneFS's Active Directory Integration:

    • Ensure Active Directory (AD) is properly configured and accessible.

  • PowerScale OneFS's SMB Protocol Configuration:

    • Ensure that port 445 for the SMB protocol is open between the Eyeglass VM and the cluster.
    • SMB protocol must be enabled in the system zone.
    • SMB2 protocol is required for AD authentication of users with an SMB share in the system zone.

  • Trusted Domains:

    • Trusted domains can be used when adding users or groups. The trusted domain must trust the AD domain added to the system zone.

  • System Zone Authentication:

    • System Zone authentication is the only supported proxy login method and requires an AD provider in the system zone.
    • The login process will attempt to validate passwords on all clusters added to Eyeglass using SMB and system zone authentication requests over SMB.

Next: Quick Start Steps