How to set a user to be able to view jobs but not allow the user to perform complete, resubmit, reset definition
search cancel

How to set a user to be able to view jobs but not allow the user to perform complete, resubmit, reset definition

book

Article ID: 41007

calendar_today

Updated On:

Products

DSERIES- SERVER CA Workload Automation DE - System Agent (dSeries)

Issue/Introduction

Introduction: 

In a production environment only operators are allowed to perform any action in Workload Automation Desktop Client. 

Other user have only authorisation to look at everything and are not able to modify anything. 

We recently noticed that these other users are able to restart jobs. What must we do to prevent that?

 

Question: 

How to set a user to be able to view jobs but not allow the user to perform complete, resubmit, reset definition ?

How also to allow these users to be able to access the spool files of the jobs ?

 

Answer: 

First select the Admin Section from the Desktop client, then select the Security part of the tree, then select the user that you wish to update the security policies for from the list shown as indicated in the screenshot below.

<Please see attached file for image>

screen.jpg

 

To add the policy changes use the "Add..." button in the Permissions tab of the User Definition, this will cause the Permission policy screen to open , now select the permission type APPLX from the drop down list.

You can now enter either an Application Name , Job Name , Job Qualifier or you can enter an asterisk (*) as a wild card to select all or enter a value with a wild card for example "TEST*" which will then select all values for Application,Job,Qualifier that match "TEST*".

In the Command Name field use the drop down box to select "SUBSCRIBE".

Select the access to be "Allow" so that the user can select select to subscribe to the defined jobs.

Now press the "OK" to insert the change to the permissions.

<Please see attached file for image>

subscribe.jpg 

 

To allow the users to be able to view the spool files for the jobs they will also need to add the following rule for the Command Name GETSPOOLFILE as shown below :

<Please see attached file for image>

spool.jpg

 

Once all the changes have been made please press the disk symbol 

<Please see attached file for image>

disk.jpg from the users security definition to save the changes to the policies to the user.

 

Additional Information:

Under the following link you can view the Security permissions for Workload Automation DE 11.3.* :

https://docops.ca.com/ca-wla-de/11-3-3/en/administrating/securing/establishing-and-controlling-security/security-permissions

 

Under the following link you can view the Security permissions for Workload Automation DE 12.* :

https://docops.ca.com/ca-wla-de/12-0/en/administrating/securing/establishing-and-controlling-security/security-permissions

  

Environment

Release: DSWAHA01300-12-Workload Automation DE-High Availability
Component:

Attachments

1558719502528000041007_sktwi1f5rjvs16vcq.jpeg get_app
1558719500585000041007_sktwi1f5rjvs16vcp.jpeg get_app
1558719498652000041007_sktwi1f5rjvs16vco.jpeg get_app
1558719496456000041007_sktwi1f5rjvs16vcn.jpeg get_app
Powered by Wolken Software