ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Difference between CommandExecute policy versus AutoSysCommandISponsorFilters.txt

book

Article ID: 126282

calendar_today

Updated On:

Products

CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent

Issue/Introduction

What is the difference between the CommandExecute policy in EEM versus the usage of AutoSysCommandISponsorFilters.txt

Environment

Release: WAAGTA99000-11.4-Workload Automation-Agent AE-MSP
Component:

Resolution

The difference between the CommandExecute policy versus AutoSysCommandISponsorFilters.txt is that any settings in the AutoSysCommandISponsorFilters.txt file are global and apply to everyone.

When using the CommandExecute policy you can restrict commands and also certain users.

For example if you want to allow user 'user1' to execute 'autoflags -a' command and also 'autorep -J'  but no other commands.
This can be done by specifying following resource in the CommandExecute policy.
 

server/ACE/autoflags -a
server/ACE/autorep -J [^;]+$


Select 'Execute' as action'.
Turn on the flag 'Treat resource names as regular expressions'.

If you specify

server/ACE/autorep [^;]+$


then all options of autorep are allowed.