AE - Secure the node_name field in a machine definition
search cancel

AE - Secure the node_name field in a machine definition


Article ID: 115228


Updated On:


CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent


Is there a way to secure the node_name field in a machine definition?


Product - Workload Automation AE 11.3.x
Platform - Windows, Unix/Linux
Database - Oracle, Sybase, MSSQL


At this time the as-machine policy can be used to grant/deny access to AE machine names, not the underlying node_name references.

Create an as-machine explicit deny policy where the resource is ACE.wil*
With that in place users will be denied if they try to insert a new machine that started with "wil".
But users can insert a machine definition with a name of "fake" and set the node_name to "wil".
With the explicit deny in place users would also be restricted from performing "autorep -q -J wil" or issuing sendevent -E STARTJOB -J job1 where job1 is defined to run on machine "wil".
Users would also not be able to take the machine on or offline via
sendevent -E MACH_ONLINE -n wil
sendevent -E MACH_OFFINE -n wil


Additional Information

If users want the node_name to be added as a security check within Workload Automation AE please post the "idea" on
AE clients can vote the idea up or down.
Product mgmt reviews the ideas to help determine the future directions/features of the product.