1

We're evaluating Zenoss and are interested in Device Access Control. We would like to set up the system so that our customers could access Zenoss and only see their devices and status. This feature apparently only exists in the enterprise version as can be seen here.

In the user configuration page there is a "Administered Objects" section but in the community version it has no practical effect, apparently. There is also a roles and permissions configuration page available at http://.../zport/manage_access but I haven't really figured out how to use it for this use case.

Can anyone give me some tips on how we could limit a certain user to certain devices or device groups? Would it require changing a lot of code in the Zenoss core? Can we do that with a ZenPack? Are there any examples on how to do this?

Thanks in advance!

Tiago Alves
  • 1,301
  • 2
  • 18
  • 30

1 Answers1

1

I am working on this right now. Part of the issue is that there are a number of bugs around the Zenoss Administered Objects concept. I have posted some findings at the Zenoss forum at http://community.zenoss.org/message/59100#59100 . I have also opened a number of tickets with Zenoss (referenced in the previous url). If you can add extra supporting information to the tickets then it may get their priority raised. Meanwhile, I am working on my own code fixes / ZenPack workaround and almost have something ready for alpha testing if you are interested. Cheers, Jane

Jane Curry
  • 26
  • 1
  • Thanks for your answer. I have checked out your post and reproduced the issues you found. For the moment we will allow our customers to view their devices' status embedded in our product (the info will be fetched through the Zenoss XML-RPC API). However, in the long term it could be great to have these read-only customer-specific views. I would be glad to test your ZenPack once it's ready. – Tiago Alves Jun 17 '11 at 17:19