How to Use Customized Groups to simplify the OpsMgr Console for Server Owners – Using Custom Groups to secure Views

This is the final posting of the four part series describing how to use the custom groups to secure views within OpsMgr:

This blog post uses custom groups created in the first part of this series with subscriptions and one-off notifications. To secure the views we use the groups created in part 1 of this series, combined with the views created in part 2, and the security group created in Part 3.

Securing Views

The first step is to create a user role for the members of this functional group. Create a new Operator role in the Administration node of the Operations Manager console by navigating to  Administration -> Security -> User Roles. Right-click on the Operator role and choose the option to create a New User Role / Operator (this could also be an advanced operator, or read-only operator depending upon the capabilities you want this group to have).

The Operator Role is defined as <Function>< Admins>, and the group names used for the notification channel are added.

On the Group Scope page, limit the group to only show the members of the new functional security group previously created (Odyssey Security Servers).

Take the defaults for approving tasks, which indicate all tasks are automatically approved.

Now limit the views page to the folder (<_><Function>) and the views that were created in the folder.

A warning is displayed that if additional views are created, the wizard will need to be re-run to add permission to the new view.

Next, the Create User Role Wizard – Operator Profile summary screen shows the options chosen, and pressing the Create button creates the user role.

With the configuration now complete, when a member of the security group logs in they will see only the pieces of the Operations Manager console they have permission to see, which with this configuration shows only the pieces that they are responsible for!


The end-result of this process is a customized set of views and notifications providing a targeted list of the systems important to the particular group, with a high impact targeted set of notifications when alerts occur that impact the systems within these views.

Using the approach discussed in this series you can effectively carve up the Operations Manager console to only show information relevant to a set of server owners, and provide notifications of critical alerts for just those servers to the same server owners. This targeted approach increases adoption of Operations Manager by simplifying the user experience and decreasing noise by providing just the critical alerts to the appropriate server owners.

This entry was posted in Operations Manager 2007. Bookmark the permalink.

One Response to How to Use Customized Groups to simplify the OpsMgr Console for Server Owners – Using Custom Groups to secure Views

  1. Marnix says:

    Hi Guys!Nice series. Good work. As a matter of fact I was in the process of working on a similar series for my blog ( but when the first article of your series came out I scrapped it. Why doing a job twice while the first job is top notch? 🙂 Can\’t wait until your new book (OpsMgr Unleashed R2) comes out.Bye,Marnix Wolf

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s