Applies To:
Show VersionsBIG-IQ Centralized Management
- 6.0.0
Provide User Access to Applications
Overview: Providing a user access to a SharePoint application hosted on BIG-IP
This use case scenario walks you through the tasks you'll need to provide a user access to a single application, SharePoint, that is hosted on your managed BIG-IP device.
The required tasks are:
- Role Type
- Create a custom role type
associated with one or more services. Then select the type of resources (object types)
this role needs to do their job, and then specify how you want to allow this role type to
interact with those objects. For this example:
- Select the Local Traffic (LTM) service.
- Create a role type named SharePoint Management.
- Select the Virtual Server: Local Traffic and add it to the selected resources.
- Provide permissions for this role type to read, add, edit, and delete those objects.
- Resource Group
- Create a custom
resource group that contains the specific resources you want to provide access to. For
this example:
- Create a resource group, SharePoint Server.
- Select the SharePoint Management role type to narrow the service and object types displayed to only those this role type has permissions to.
- Select the Local Traffic (LTM) service.
- Select the Virtual Server: Local Traffic service
- Locate the virtual server that is hosting your SharePoint application, and add it to the selected resources.
- Role
- Create a custom role
associated with the custom role type, and assign the custom resource group to that role. For this example:
- Create a custom role called SharePoint Manager.
- Associate the SharePoint Management role type to it.
- Associate the SharePoint Server resource group to it.
- User
- Create a user and associate
it with the role you created. For this example:
- Create a user named Sam.
- Associate the user with the SharePoint Manager role.
Create a custom role type with permissions to access LTM virtual servers
The first step to providing your user access to an application is to create a custom role type and define a set of permissions to specify how that role type interacts with objects that are associated with a service.
In this example, we'll be providing access to BIG-IP virtual servers (because your applications are hosted on BIG-IP virtual servers) with permissions to read, add, edit, and delete all associated objects.
Create a custom resource group
Create a custom role for the SharePoint Manager
In this example, we'll be creating a role for SharePoint Manager.