This document describes the procedure to change AutoSys from Native Security to EEM Security.

Any AutoSys release

The current infrastructure has the security implmented using autosys native security.

EEM is being introduced to fulfil the infrastructure's complex security requirements.

Register AutoSys to the EEM server to create default policies and then enable EEM security.
This can be done with the following steps:

1) export the ASSAFETOOLPW environment variable to the EiamAdmin user account password.

Linux:
export ASSAFETOOLPW=<EiamAdmin Password>

Windows:
set ASSAFETOOLPW=<EiamAdmin Password>

2) Run the following command to register AutoSys to the EEM server (if applicable)

How to check if this step is necessary:
Go to the EEM UI url 'https://<eemhost>:5250/spin/eiam'

In the Application field drop-down, check if you have "WorkloadAutomationAE" in the list.
If you do, you can skip this step.
If you do not, you must run this step.

Command: as_safetool -b <EEM_Host> -f -i $AUTOSERV

For example, if an instance name is ACE:

 # as_safetool -b eemhost.domain -f -i ACE

3) Run autosys_secure to enable EEM security

As an Edit/Exec super user run "autosys_secure"
Select option 1 (Activate CA EEM instance security)
Enter the CA EEM back-end server hostname when prompted and EiamAdmin's password.

This will enable EEM security for your AutoSys instance.