search cancel

Authorization failures for sendevent commands due to as-sendevent policy.


Article ID: 4474


Updated On:


CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent


When attempting to use the new as-sendevent resource class, setting up a policy for anything other than All Resources and All Identities results in sendevent authorization failures.


Release: ATSYHA99000-11.3.6-Workload Automation AE-High Availability Option


Ensure the resource specified in the as-sendevent policy contains only the WAAE instance name or a single '*' and nothing else. That is the only information passed by WAAE as the resource for this type of authorization check. For example...

A sendevent -E STARTJOB is issued from instance ACE. The authorization check is sent with the resource set to 'ACE'. If the policy has the resource set to ACE.* as is standard for as-job policies, the authorization check will fail. The policy's resource should be either '*' or 'ACE' for the authorization check to pass.