OSS ยท IM System Service Fulfillment โ€“ Inventory Management
Module

System Management

User accounts, roles, and organizational structure administration

Overview

The System Management module handles the access control layer of IM โ€” creating and managing user accounts, defining roles with specific menu and button permissions, and structuring departments/organizations.

๐ŸŽญ

Role Management

Define roles and assign which menus and buttons each role can access.

๐Ÿ‘ค

User Management

Create user accounts, assign roles, manage passwords and account status.

๐Ÿข

Organization Management

Create department/org structure used when creating users.

Role Management

Roles are the core permission unit in IM. Each role defines:

  • โ€ขWhich parent menus the role can see (e.g. Resource Management menu)
  • โ€ขWhich child menus are visible within each parent (e.g. ONT sub-menu)
  • โ€ขWhich action buttons are available (Add, Modify, Delete, Import, Export, Clone)
  • โ€ขWhich query input fields can be used (per-parameter permission)
  • โ€ขWhich decryption permissions are granted (Mobile, Email, IPTV Password)
Field Type Req. Description Example
Role Code string Yes Unique identifier for the role ROLE_TECH_L1
Role Name string Yes Human-readable role name Level 1 Technician
Operator string No Who created/last modified this role
Operate Time datetime No Last modification timestamp
Remark string No Free-text description of role purpose
๐Ÿ’ก

Batch User Authorization

Administrators can assign the same role to multiple users in one operation by selecting multiple users in the role authorization screen. This is much faster than assigning roles one-by-one.

User Management

Each user account maps to one or more roles. Users can be authenticated via local DB or Active Directory.

Field Type Req. Description Example
User Account string Yes Login username โ€” unique, mandatory on create, read-only on modify john.smith
User Name string Yes Display name โ€” mandatory on create, read-only on modify John Smith
Password string Yes Account password โ€” mandatory on create and modify
Confirm Password string Yes Password confirmation
National ID string Yes Staff national ID number
Account Status dropdown Yes Enable or Disable the account Enable
Dept. string Yes Department/organization the user belongs to
Role string Yes Role assigned to this user
Email string Yes User's work email address
Telephone string Yes User's work phone number

Organization Management

Organizations define the department tree used when creating user accounts.

Field Type Req. Description Example
Department Name string Yes Full department name Network Operations Center
Department Code string Yes Unique code for the department NOC
Superior Department string No Parent department for hierarchical org structure
Remark string No Optional notes

Authentication Modes

โ„น

Local vs Active Directory authentication

IM supports two authentication modes that can be configured per deployment:
  • Local: IM verifies username and password against its own database.
  • Active Directory: IM authenticates the password against AD via LDAPs protocol.

Important: Regardless of authentication mode, the user account must exist in IM's local DB. If a user exists in AD but not in IM, they cannot log in.

๐Ÿ“

All three OSS systems must share user accounts

Users must exist in IM, OM, and AM independently. Authentication mode selection only controls password verification โ€” it does not provision accounts across systems.