...
You can grant an admin group broad permissions to DHCP resources, such as read/write permission to all IPv4 or IPv6 networks and shared networks in the database. In addition, you can grant permission to specific resources, such as a specific IPv4 or IPv6 network or DHCP range, or an individual address in an IPv4 or IPv6 network. Permissions at more specific levels override global permissions.
You can also define permissions for specific DHCP objects and Grid member to restrict admins to perform only the specified DHCP tasks on the specified member. For more information about defining DNS and DHCP permissions on Grid Members, see About Administrative Permissions.
The following sections describe the different types of permissions that you can set for DHCP resources:
...
Note that you can grant an admin group read-only or read/write permission to specific IPv4 or IPv6 networks in a network view, without granting them permission to that network view. For information, see Permissions for IPv4 and IPv6 Networks and Shared Networks below.
For information on how to define permissions for network views, see About Administrative Permissions.
The following table lists the tasks admins can perform and the required permissions for network views.
...
To define permissions for a specific IPv4 or IPv6 network and its DHCP ranges and fixed addresses, seeAbout Administrative Permissions.
The following table lists the tasks admins can perform and the required permissions for IPv4 and IPv6 networks.
Network Permissions
Tasks | Grid Member(s) | All IPv4 or IPv6 Networks | Specific IPv4 or IPv6 Network | All IPv4 or IPv6 Shared Networks | Specific DNS Zone | All IPv4 or IPv6 DHCP Ranges | All IPv4 or IPv6 Fixed Addresses | IPv4 or IPv6 Network Template |
|---|---|---|---|---|---|---|---|---|
Create, modify, and delete IPv4 or IPv6 networks, DHCP ranges, and fixed addresses without assigned Grid members | RW | |||||||
Create, modify, and delete IPv4 or IPv6 networks, DHCP ranges, and fixed addresses with assigned Grid members | RW | RW | ||||||
Assign a Grid member to a specific IPv4 or IPv6 network and its DHCP ranges | RW | RW | ||||||
Expand and join IPv4 or IPv6 networks | RW | |||||||
Create IPv4 or IPv6 networks from templates | RW | RO | ||||||
Create, modify, and delete an IPv4 or IPv6 network | RW | |||||||
View IPv4 or IPv6 network properties and statistics, and search for DHCP ranges and fixed addresses in a specific network | RO | |||||||
Create, modify, and delete IPv4 or IPv6 DHCP ranges and fixed addresses in a specific network | RW | |||||||
Create and split an IPv4 or IPv6 network and automatically create a reverse DNS zone | RW | RW | ||||||
Create, modify, and delete IPv4 or IPv6 shared networks | RW | |||||||
View IPv4 or IPv6 shared networks | RO | |||||||
Create, modify, and delete IPv4 or IPv6 DHCP ranges with an assigned member in a specific network | RW | RW | ||||||
Create, modify, and delete IPv4 or IPv6 DHCP ranges | RW | |||||||
View and search for IPv4 or IPv6 DHCP ranges in a specific network | RO | |||||||
Create, modify, and delete IPv4 or IPv6 fixed addresses | RW | |||||||
View and search for IPv4 or IPv6 fixed addresses in a specific network | RO |
Administrative Permissions for IPv4 or IPv6 Fixed Addresses and IPv4 Reservations
...
For information on setting permissions for fixed addresses, see About Administrative Permissions.
The following table lists the tasks admins can perform and the required permissions for IPv4 and IPv6 fixed addresses.
Permissions for Fixed Addresses/Reservations
Tasks | Specific IPv4 or IPv6 Network | All IPv4 or IPv6 fixed Addresses/ IPv4 Reservations | Specific IPv4 or IPv6 Fixed Address/ IPv4 Reservation |
|---|---|---|---|
Create, modify, and delete IPv4 fixed addresses/reservations or IPv6 fixed addresses | RW | ||
Create, modify, and delete IPv4 fixed addresses/reservations or IPv6 fixed addresses in a specific network | RW | ||
Modify and delete an IPv4 fixed address/reservation or IPv6 fixed address | RW | ||
View and search for all IPv4 fixed addresses/reservations or IPv6 fixed addresses | RO | ||
View and search for IPv4 fixed addresses/reservations or IPv6 fixed addresses in a network | RO | RO | |
View and search for an IPv4 fixed address/reservation or IPv6 fixed address | RO |
Administrative Permissions for IPv4 or IPv6 DHCP Enabled Host Addresses
...
For information about setting permissions for DHCP enabled host addresses, see About Administrative Permissions.
The following table lists tasks that admins can perform and the required permissions for IPv4 and IPv6 DHCP enabled host addresses.
Permissions for DHCP Enabled Host Addresses
Tasks | Specific IPv4 or IPv6 Network | All IPv4 or IPv6 DHCP enabled host Addresses |
|---|---|---|
Create, modify, and delete IPv4 or IPv6 DHCP enabled host addresses in a specified network | RW | |
Modify and delete a specific IPv4 or IPv6 DHCP enabled host address | RW | |
View and search for all IPv4 or IPv6 DHCP enabled host addresses | RO | |
View and search for IPv4 or IPv6 DHCP enabled host addresses in a specified network | RO |
Administrative Permissions for IPv4 and IPv6 DHCP Ranges
...
For information on setting permissions for DHCP ranges, see About Administrative Permissions. The following table lists the tasks admin can perform and the required permissions for DHCP ranges.
DHCP Ranges
Tasks | Grid Member(s) | Specific IPv4 or IPv6 Network | All DHCP IPv4 or IPv6 Ranges | Specific IPv4 or IPv6 DHCP Range | MAC Address Filter |
|---|---|---|---|---|---|
Create, modify, and delete IPv4 or IPv6 DHCP ranges with an assigned member or a failover association | RW | RW | |||
Create, modify, and delete IPv4 or IPv6 DHCP ranges in a network with assigned members | RW | RW | |||
Modify and delete an IPv4 or IPv6 DHCP range with an assigned member | RW | RW | |||
View and search for all IPv4 or IPv6 DHCP ranges with an assigned member | RO | RO | |||
View and search for IPv4 or IPv6 DHCP ranges in a network with assigned members | RO | RO | |||
View and search for an IPv4 or IPv6 DHCP range with an assigned member | RO | RO | |||
View and search for an IPv4 or IPv6 DHCP range without an assigned member | RO | ||||
Apply relay agent and option filters to an IPv4 DHCP range | RW | ||||
Apply a MAC address filter to an IPv4 DHCP range | RW | RO |
Administrative Permissions for IPv4 or IPv6 DHCP Templates
There are three types of DHCP templates for IPv4 and IPv6 objects—network, DHCP range, and fixed address/reservation templates. To access any of these templates, a limited-access admin group must have read-only permission to the template. Limited-access admin groups cannot have read/write permission to the templates. Only superusers can create, modify and delete network, DHCP range, and fixed address templates. An admin group with read-only permission to the DHCP templates can view them and use them to create networks, DHCP ranges and fixed addresses, as long as they have read/write permissions to those DHCP resources as well.
You can set global read-only permission that applies to all DHCP templates, and you can set permissions to specific templates as well.
For information on setting permissions, see About Administrative Permissions. The following table lists the tasks admins can perform and the required permissions for DHCP templates.
...
For information on setting permissions, see About Administrative Permissions. The following table lists the tasks admins can perform and the required permissions for roaming host.
...
For information on setting permissions, see About Administrative Permissions. The following table lists the tasks admins can perform and the required permissions for MAC address filters.
Permissions for MAC Filters
...