selang surrogate object question
Article ID: 194499
Updated On:
Products
CA Virtual Privilege Manager
CA Privileged Identity Management Endpoint (PIM)
Issue/Introduction
I am familiar with the following objects:
Data for SURROGATE 'USER._default'
Data for SURROGATE 'GROUP._default'
however, I recently discovered a new version, and would like to know its purpose:
Data for SURROGATE '_default'
chres SURROGATE ('_default') audit(SUCCESS FAILURE) defaccess(READ) owner('etrust')
There is no server down here, but I will need to explain this object in an audit hearing soon.
Environment
Release :
Component : CA ControlMinder
Resolution
Please see the following from the documentation. The last sentence is the important one for you, the rest is for context:
"A record in the SURROGATE class represents each user or group who has surrogate protection. Two special records-USER._default and GROUP._default-represent users and groups who do not have individual SURROGATE records. If there is no need to differentiate between the default for users and the default for groups, you may use the _default record for the SURROGATE class instead."
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/it-operations-management/ca-controlminder/12-8-01/reference/selang-reference-guide/classes-in-the-ac-environment/surrogate-class.html
"A record in the SURROGATE class represents each user or group who has surrogate protection. Two special records-USER._default and GROUP._default-represent users and groups who do not have individual SURROGATE records. If there is no need to differentiate between the default for users and the default for groups, you may use the _default record for the SURROGATE class instead."
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/it-operations-management/ca-controlminder/12-8-01/reference/selang-reference-guide/classes-in-the-ac-environment/surrogate-class.html
Feedback
Yes
No
Powered by
