If the profile enhancement feature is set in the system configuration settings (see Logins Settings), the following changes are impacted in this module:
· The location-restricted users can create automation rules in the Global I/O interface only within their set of accessible locations. The user is allowed to add trigger conditions and actions only on devices within their assigned hierarchical location.
· The location-restricted user has to select the hierarchical location while adding an ‘Automation rule’ unlike other modules where the hierarchical location of the location-restricted user is auto-populated.
· When a location is assigned to a global I/O rule of trigger type Periodic and event, the rule is applied only for the location it was created to and its child nodes (if any.
· If the trigger type is manual then the rule is applied to the locations that are common between the locations assigned to the location-restricted user and the location (with its child nodes) in which the global I/O was created.
· If the location-restricted user wishes to invoke a global I/O manually, the Automation Driver has to be present in the hardware view of the location-restricted user. To achieve this, the cpamadmin can populate the Automation Driver in the hierarchical location of the location-restricted user by modifying the profile of the user.
To populate Automation Driver, do the following:
Step 1 Go to Profiles > Edit > General > Login/Logout option.
Step 2 Select the Ignore hierarchical location restriction for device matching filter check box.
Step 3 Click Filter. The Filter Device window appears.
Step 4 Select Automation Driver from the Type drop down list.
Step 5 Click OK to save the changes. The automation driver is populated.
Note The drawback of populating the automation driver is that the automation driver events of other locations that are not under the purview of the location-restricted user also become visible.
· All automation rules created up to the root of the hierarchy of the location-restricted user is visible to the user. The location restricted user can invoke these rules provided there are any devices (at least one) pertaining to their location in these rules.
· All device groups up to the root of the location-restricted user are visible and the user can reuse these device groups provided at least one device is present from the location restricted user’s assigned location in these device groups. When these device groups are reused, the commands are applied to the devices belonging to the location restricted user’s location.
· When the cpamadmin removes a location from the location restricted user’s hierarchy, all devices of that location is removed automatically. However if any automation rules relating to these devices are present, then it requires manual removal, so the cpamadmin should ensure that they remove all associated automation rules (manually) along with the location.
Note These points are applicable only when the profile enhancement feature is set on Logins page of System Configuration window (starting with the ICPAM 2.1 release); otherwise, the ICPAM appliance retains its behavior as in the previous version (CPAM 1.5.1).
See also: