IT Operations Management (ITOM)

How to use Roles, Groups and Users to efficiently manage access to OMi

How to use Roles, Groups and Users to efficiently manage access to OMi


Guest post by Lars Droege


You may be aware of many benefits of HP Operations Manager i when it comes to a single pane of glass, faster triage capabilities and guided (if not automated) mitigation support for your operational staff.


So you will want to make this tool available to all different operators and administrators of the various technology disciplines and teams, like network, servers, applications, middleware, business services etc. And you may have dozens if not hundreds of them.


This raises several questions:

  • How will you give them access?
  • What specific capabilities will they need?
  • What do they need to see? (And maybe more important: What can they safely ignore?)
  • And last but not least: How do you maintain over time all these credentials, capabilities and authorizations for your heterogeneous and dynamic work force?


The OMi user concept comes with three different entities to comfortably maintain your user credentials: Roles, Groups and Users


A ROLE is a logical definition of capabilities and authorizations required to perform a defined assignment.


It can be as high level as read-only access to the top-level statuses of your IT infrastructure (something you may want to assign to each IT staff member). Or as specific as a "Database tuning and capacity planning" role, with specific views, reports and tools required just for this purpose.


You may want to define roles based on technology background of the users and/or on specific geographical or organizational requirements in your staff.


A GROUP links the capabilities defined in the roles to the actual users in your staff. A group can be assigned all the roles required for a specific team (technical, geographical and/or organizational). And groups can be nested. The "Database Tuning Experts" group, for example, would be assigned not only the specific role described above, but would also "inherit" all the capabilities of the more generic "Database Operators" group.


USERS can then be linked to one or multiple of the groups defined above, automatically receiving all the authorizations, tools and capabilities defined by the group structure and the assigned roles. Once the definitions on a group or role level are changed, this will directly update the capabilities of all related users. A user changing teams will just be updated in related group memberships to get all the tools and views that are needed for the new job.


And finally: When managing a significant number of users, you probably have an LDAP based user management system in place for other authorizations across your company. This is great, because OMi can directly link with LDAP servers for authentication and authorization. Existing LDAP groups can be synchronized with OMi groups. So if you maintain your team structure in LDAP, your new users can automatically receive an OMi login and specific capability assignments without even touching OMi user management again.


Download Operations Manager i trial here


With the concept of ROLES, GROUPS and USERS you can efficiently manage access levels and authorizations for your heterogeneous and dynamic staff. And with the LDAP integration, you just need to define your group memberships for all your users once across your IT environment, without the need for individual setup in OMi.


So OMi gives you an easy capability to manage the access of your users to the maximum business effect!


About the author: Lars Droege has 20 years of experience in operations management with HP Software. He is presently Technical Marketing Manager for Operations Bridge solutions.  He is responsible for developing and delivering enablement and marketing material from a technical perspective.


Lars has a Dipl.-Ing. (DH) degree in Computer Engineering from Baden-Wuerttemberg Cooperative State University (DHBW) in Stuttgart, Germany


Learn more about Operations Manager and Operations Manager i here.

You can also download trials of the software to experience them for yourself.

Search for blogs containing tag OMI10F for other topics similar to this one

The OM-to-OpsBridge evolution program including license exchange details is now live. Search on the tag OM2OpsBridge to find blogs discussing this program and evolution to OpsBridge.

HP Operations bridge Integrations via BSM Connectors and management packs


Search on OMiContent for other blogs on management packs and connectors.

  1. We are pleased to announce the HP BSM Integration for BMC Impact Manager by Comtrade, version 1.1. The HP BSM Integration for BMC Impact Manager by Comtrade enables you to establish a link between BMC Impact Manager and HP Operations Manager i 10 (OMi).  

    The key features of this release are:   


  • Support of Operations Manager i 10 and BSM Connector 10    
  • Self-discovery  

The installation package and the integration guide are available at


  1. We are also pleased to announce the availability of yet more extensions to our fast growing catalogue of management tools, the lightweight OMi Management Pack for Docker has been released on HP-LN:

  1. We are now happy to announce the availability a new connector for HP Helion.
    You can find it for download on HPLN at,

    Based on Monasca the OpenStack monitoring tool and available independently from Helion, but will be a key part of the Helion offering in fal 2015l.

    With this HP Helion Monasca connector we are well prepared in advance for integrating HP Helion monitoring with OMi.;
  • A demo of the Monasca connector is available in the demo environment already, it is a recorded and clickable demo.
  • It is community supported release



Michael Procopio Procopio
  • operations bridge
0 Kudos
About the Author


HPE Software Product Marketing. Over 20 years in network and systems management.