Table of Contents Previous Next

6 Managing a PEM Installation : 6.1 Assigning Privileges to PEM Users

Users connect to PEM using role credentials created on the PostgreSQL database used by the PEM server. By default, the postgres superuser account is used for the initial logon, however it is strongly recommended that individual roles are created for each connecting user.
You can create a role with the CREATE ROLE SQL command in a command line client, or with the PEM client New Login Role dialog. To access the New Login Role dialog, connect to the PEM server database using the PEM client, and right-click on the Login Roles node and select New Login Role… from the sub-menu (as shown in Figure 6.1).
Screen shot 2013-09-14 at 6
Complete the tabs on the New Login Role dialog to add a new PEM user.
one
Use the fields on the Role membership tab (shown in Figure 6.2) to grant new roles appropriate permissions and role memberships to use PEM: 
Users that are members of the pem_user role may view dashboards and use tools like the Postgres Expert and Capacity Manager, but they will not be able to install agents or configure the server, directory, alerts or probes.
Users that are members of the pem_admin role have the same read permissions as members of the pem_user role, plus sufficient privileges to configure the server, directory, alerts and probes.
Administrative users must be added to the pem_admin role and explicitly granted the CREATE ROLE privilege. In addition to the permissions granted through membership in the pem_admin role, the CREATE ROLE privilege allows an administrator to create additional PEM users, and to install and register new agents.
For detailed information about using the tabs on the New Login Role dialog, click the Help button in the lower left corner of the dialog.
For more information about using the CREATE ROLE command, see the PostgreSQL core documentation at:

6 Managing a PEM Installation : 6.1 Assigning Privileges to PEM Users

Table of Contents Previous Next