Is there a way to prevent users from issuing a STOP_DEMON event?
Article ID: 128885
CA Workload Automation AE - Business Agents (AutoSys)CA Workload Automation AE - Scheduler (AutoSys)CA Workload Automation Agent
Is there a way to prevent users from issuing a STOP_DEMON event but preserve their ability to use sendevent to send other event types?
Release: Component: ATSEEM
There is an EEM policy for the WorklaodAutomationAE application that controls the ability to issue the STOP_DEMON event.
Login to EEM as EiamAdmin selecting the WorkloadAutomationAE application in the drop-down. Click "Manage Access Policies" Select the "as-control" policy folder from the list on the left You will see a policy called "STOP_DEMON_Policy" in the list of defined policies. By default, this policy is open to all users. You will need to lock down this policy to prevent STOP_DEMON access for certain users. Edit the policy and remove the check for the "Execute" action that is currently selected for "[Default]" in the "Selected Identities" Add only the users/groups to the "Selected Identities" list to which you want to grant STOP_DEMON access. Put a check next to each for the "Execute" action and save the policy.
After making this change, only the users or groups that you added to the STOP_DEMON_Policy "Selected Identities" list will be allowed to issue a STOP_DEMON event.