Looking for additional details on setting administrators in the adminui – specifically the XPS tools
Reference version R12.52 SP1 CR 5
XPS Tools: (only allow access to use the tool – no other rights or permission)
GUI Allowed
Reports Allowed
Local API Allowed
Report API Allowed
Import Allowed
Export Allowed
XPSEvaluate Allowed
XPSConfig Allowed
XPSExplorer Allowed
XPSSecurity Allowed
XPSRegClient Allowed
Bug XPSTools.dll as well as unclear documentation
Fix: Issue address in bug ID DE276031 provided dev-fix
GA release looks like R2.52 SP1 Cr9, it will also be rolled into R12.6 & R12.7
Documentation has been updated
Add User to AdminUI – follow
CA will be releases a fix for this functionality, also need to update documentation
Documentation is updated to correctly reflect the XPSTools functionality, namely:Only OS user is supported by XPSTools.
This needs to be done using XPSSecirty (XPSSecurity tool is including in the media (e.i smreg) needs to be copied to <SSO_Home>\bin
Use XPSSecurity to create the admins
Enter Option (A,S,C,W,B,P or Q): A
Enter Option (#NA or Q): N
Enter Option (# or BGVURAQ): 4
-------------------------------------------------------------------
Attr: Name [CA.XPS::Administrator.Name]
Description User's Name
Type: String
Handling: none
Character Case: Mixed
New Value (blank to quit):TestAdmin
Value updated.
Enter Option (# or BGVURAQ): 5
-------------------------------------------------------------------
Attr: UserPath [CA.XPS::Administrator.UserPath]
Description Connects to the user identity
Type: String
Handling: none
Character Case: Mixed
New Value (blank to quit):OS:lodbl511vm050/TAdmin
Value updated.
NOTE Doc bug which defines the user as OD://system_name/username - using XPSSecurity it needs to be defined as OS:system_name/username (docs have been updated)
If os user does not has have read-write permissions, OR we want to restrict his right to only be allowed to run some tools, OS user MUST be explicitly created using the XPSSecurity tool.
The user created by XPSSecurity SHOULD be super-user. If list of tools he can access is not specified, he will be allowed to use all the tools:
02: Flags 4(0x4): SuperUser
03: MethodsAllowed 0(0x0):
To restrict os user rights to be able to use only some tools and not the others, MethodAllowed should list all the allowed tools, e.g.
02: Flags 0(0x0):
03: MethodsAllowed 65600(0x10040): XPSExplorer, Sweeper