Policy Editor ACLs aren't recreated when reinitializing hub security
Article ID: 33935
Updated On:
Products
DX Infrastructure Management
NIMSOFT PROBES
Issue/Introduction
This error occurs because Infrastructure Manager is responsible for creating the new ACL templates in security.cfg. ?The entries for "Policy Management" and "Policy Basics" do not exist in the creation routine.
First, confirm the following two ACL's exist in the file base_acls.cfg (located in the distsrv probe folder):
Backup the base_acls.cfg file and security.cfg file for safekeeping.
If they do, then use the command-line probe utility (pu.exe) to re-set the ACLs as follows:
Windows:
"C:\Program Files (x86)\Nimsoft\bin\pu.exe" -u administrator -p (password) distsrv set_acl_init base_acls.cfg
where (password) is the password for the built-in administrator user.
Linux:
Example output:
Then, in the IM check that the two Policy Engine ACLs are now displayed in the ACL list by selecting Security->Manage Access Control list from the IM drop down menu.
Note that this process will NOT change or remove or reset the ACL list in any way. Furthermore, it will not remove any other pre-existing ACLs. It will simply expose the Policy Management ACLs.
keywords: This user's ACL does not have the required permission to access this portlet.
First, confirm the following two ACL's exist in the file base_acls.cfg (located in the distsrv probe folder):
<Policy Basic>
name = Policy Basic
desc = Read-only view of policies
access = read
type = Management
apply_to_existing_acls = Superuser, Administrator
</Policy Basic>
<Policy Management>
name = Policy Management
desc = Create, edit and delete policies
access = admin
type = Management
apply_to_existing_acls = Superuser, Administrator
</Policy Management>
name = Policy Basic
desc = Read-only view of policies
access = read
type = Management
apply_to_existing_acls = Superuser, Administrator
</Policy Basic>
<Policy Management>
name = Policy Management
desc = Create, edit and delete policies
access = admin
type = Management
apply_to_existing_acls = Superuser, Administrator
</Policy Management>
Backup the base_acls.cfg file and security.cfg file for safekeeping.
If they do, then use the command-line probe utility (pu.exe) to re-set the ACLs as follows:
Windows:
"C:\Program Files (x86)\Nimsoft\bin\pu.exe" -u administrator -p (password) distsrv set_acl_init base_acls.cfg
where (password) is the password for the built-in administrator user.
Linux:
/opt/nimsoft/bin/pu -u administrator -p (password) distsrv set_acl_init base_acls.cfg
Example output:
C:\Program Files (x86)\Nimsoft\bin>pu.exe -u administrator -p xxxxxxxx? distsrv set_acl_init base_acls.cfg
Aug 20 02:29:41:619 pu: SSL - init: mode=0, cipher=DEFAULT, context=OK
======================================================
Address: distsrv???????????????????? Request: set_acl_init
======================================================
set_acl_init:?? PDS_PCH?????????? 8 success
Aug 20 02:29:41:619 pu: SSL - init: mode=0, cipher=DEFAULT, context=OK
======================================================
Address: distsrv???????????????????? Request: set_acl_init
======================================================
set_acl_init:?? PDS_PCH?????????? 8 success
Then, in the IM check that the two Policy Engine ACLs are now displayed in the ACL list by selecting Security->Manage Access Control list from the IM drop down menu.
Note that this process will NOT change or remove or reset the ACL list in any way. Furthermore, it will not remove any other pre-existing ACLs. It will simply expose the Policy Management ACLs.
keywords: This user's ACL does not have the required permission to access this portlet.
Environment
Release:
Component: UIMHUB
Component: UIMHUB
Resolution
Please Update This Required Field
Feedback
Yes
No
Powered by
