This document describes the procedure to change AutoSys from Native Security to EEM Security.
Any AutoSys release
The current infrastructure has the security implmented using autosys native security.
EEM is being introduced to fulfil the infrastructure's complex security requirements.
Register AutoSys to the EEM server to create default policies and then enable EEM security.
This can be done with the following steps:
1) export the ASSAFETOOLPW environment variable to the EiamAdmin user account password.
In the example below, the password is 'admin1':
# export ASSAFETOOLPW=admin1
2) Run the following command to register AutoSys to the EEM server (if applicable)
How to check if this step is necessary:
Go to the EEM UI url 'https://<eemhost>:5250/spin/eiam'
In the Application field drop-down, check if you have "WorkloadAutomationAE" in the list.
If you do, you can skip this step.
If you do not, you must run this step.
Command: as_safetool -b <EEM_Host> -f -i $AUTOSERV
For example, if an instance name is ACE:
# as_safetool -b eemhost.domain -f -i ACE
3) Run autosys_secure to enable EEM security
As an Edit/Exec super user run "autosys_secure"
Select option 1 (Activate CA EEM instance security)
Enter the CA EEM back-end server hostname when prompted and EiamAdmin's password.
This will enable EEM security for your AutoSys instance.