Cmdb management, Planning – H3C Technologies H3C Intelligent Management Center User Manual

4

account is automatically assigned the permission of Information Auditing for the Default Account

Registration process.

After the SOM component is installed, new configuration information is added to the IMC Operator

Management module. Each operator can customize his or her own associated accounts and specify the

behaviors that need process auditing. For a behavior that needs process auditing, the auditing process

is forcibly enabled when the behavior is executed.
The term “SOM operators” refers to IMC users who have opened the corresponding accounts, have set

passwords, and have been assigned the permissions for certain components.

NOTE:

In this document, the terms “operators,” “processors,” and “handlers” are used interchangeably for users
who work on the processes and process instances (tasks) that are managed through SOM.

CMDB management

The CMDB management component of the SOM software maintains the basic data that is used during

process maintenance and provides unified management for all basic configuration items (CIs), such as

device asset information.
The component can register specific CI information and the related management, maintenance, and
data synchronization interfaces with the CMDB, and it provides data support for display and

configuration in Service Desk. The SOM operator can use these CIs when executing SOM processes.

Planning

Before using SOM, you must properly configure the following:

•

Account name—The user account name must be unique in SOM. You cannot create a SOM
account that already exists in the system. If you create a user account that has the same name as an

account that was deleted, the new account inherits all the process execution permissions of the

deleted one.
You can use a staff ID or email address as an account name.

•

Account permissions—You must pay careful attention to the permissions assigned to your account
that are associated with IMC operators. For example, when an IMC operator’s operation requires

process auditing, the account that is associated with the IMC operator should not have permissions
to create new accounts or assign permissions. Otherwise, the account might create an account with

higher permissions to bypass the process auditing.

•

Account group—You can specify account permissions when you configure accounts or account
groups. The permissions of an account group determine those of all the accounts in the group. It is

a good practice to first deploy account groups and then specify account groups for accounts. H3C

does not recommend assigning permissions for accounts directly.