NetBackup™ Web UI Security Administrator's Guide
- Introducing the NetBackup web user interface
- Managing role-based access control
- About role-based access control (RBAC) in NetBackup
- NetBackup default RBAC roles
- Configuring RBAC
- Add a custom role
- Edit or delete a custom role
- Add an object group
- Previewing the assets, application servers, or protection plans for an object group
- Edit or delete an object group
- Add access for a user through access rules
- Edit or remove user access rules
- How can I limit role permissions to specific objects or assets?
- Security events and audit logs
- Managing host mappings and certificates
- About security management and certificates in NetBackup
- NetBackup host IDs and host ID-based certificates
- View NetBackup host information
- Approve or add mappings for a host that has multiple host names
- Reissue a certificate when a host's certificate is no longer valid
- Remove mappings for a host that has multiple host names
- Reset a host's attributes
- Managing global security settings
- Troubleshooting the web UI
Edit or remove user access rules
If a user's role in your organization changes or you need to change the user's access to the assets in the environment, you have the following options:
Edit an access rule for the user and select a different RBAC role or a different object group.
If you use a custom role, change the permissions for an RBAC role. Note that changing the permissions also changes the permissions for any other users that are associated with that role.
Change the object group settings that determine the assets, application servers, or protection plans that the user can view or manage. Note that changing these settings also changes access for any other users that are associated with that object group.
Remove an access rule for user so that user no longer has those role permissions or object group access that are defined in the access rule.
See Remove an access rule for a user.
If the user is currently signed in, use the API
Gateway DELETE /user-sessionsto sign out all users.
Edit an access rule if you want to change the role permissions for a user or the assets, application servers, or protection plans that the user can view or manage. Any changes you make to an access rule affect only that user.
To edit the access rule for a user
- On the left, click Security > RBAC.
- Click the Access rules tab.
- Locate and click on the name of the user (which is the user's associated access rule) that you want to edit.
Note that searches are case-sensitive.
- At the bottom left, click the lock icon.
- Select a different role or object group.
- Click Save.
- Repeat step 3 through step 6 to edit other access rules for the user.
Remove an access rule for a user if you want to revoke the role permissions and object group access of the access rule. Removing an access rule only affects the user that is configured in the rule. The user still retains any permissions and access inherited from other access rules.
To remove an access rule for a user
- On the left, click Security > RBAC.
- Click the Access rules tab.
- Locate the name of the user and select the check box for the access rule that you want to remove.
Note that searches are case-sensitive.
- Click Remove > Remove.