Need advice, let customers into console, view only their own CPM statistics

(imported topic written by SystemAdmin)

Greetings, I have very recently been given the responsibility of taking care of my company’s BigFix deployment – without any prior knowledge of this system – and I’m currently devouring documentation and experimenting, but BigFix is quite complex and intimidating. So please forgive my ignorance, I’m attempting to rectify it =)

The intention is this: We’re intending to deploy CPM to customers, and we want the customers to be able to log on to the console and view only the statistics of their own company’s machines, basically access only the overview/protection status, the fancy report screens etc.

I was looking at this article: https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en#/wiki/Tivoli%20Endpoint%20Manager/page/Multiple%20Customer%20Deployments – it seemed to do at least partly what I wanted, but my problem arises when I launch BESAdmin.exe and I see no user management tab, there is no obvious way to add users/operators. What am I missing? Is this ultimately the best way to achieve what I wanted, or is there a better way? Is there better documentation, links or directions on this issue you can give?

Again, forgive my lack of knowledge, I’ve been thrown into the deep end, and I’m trying very hard not to drown.

//Ef

(imported comment written by SystemAdmin)

I presume you are using version 8.2 of the platform?

If so, user management has moved into the Console from BESAdmin. You also will have a lot more granularity.

Some of the changes include:

Integration with Microsoft Active Directory and LDAP - Provision and authenticate Console users through integration with AD or LDAP providers

Role-based Provisioning - Configure and manage user permissions through roles. Assign roles to groups to provision/de-provision users based on group membership

(imported comment written by SystemAdmin)

Yes the version is 8.2.

Thank you I’ll start looking into roles immediately. Quick follow-up: would roles work in conjunction with sites to achieve what I was after? (I haven’t looked into sites either yet).