HP Integrity NonStop J-Series User Manual
Page 83
Web ViewPoint User Guide Version 5.14 - 528226-014
83
If you have started Object Manager, then you do not have to include your name in the user List. Access to
Object Manager is allowed to the creator by default
B. TACL:
This object is used to determine who is allowed to issue/ execute tacl commands from the Object Manager
command window. By default, only the creator of OCM (Object Manager environment) is allowed to execute
tacl commands. However, the OCM creator can allow a certain list of users to issue tacl commands. To do so,
you have to perform the same steps as above (allowing a list of users to logon to Object Manager), except
that, the object name should be “tacl”. Other things remain the same.
C. USERS:
This object is used to create Command Specific User list. By default, there are only two types of command/
button control (i.e. “non-sensitive” [READ] and “sensitive” [WRITE]), and the creator of OCM has the right to
execute “Sensitive” commands. By adding a command “SENS” to the tacl object, the creator of OCM can allow
access of all sensitive commands to a set of users.
The OCM creator may also want to allow only certain commands to be executed by a set of users, and other
commands to be executed by other users. For this purpose, the creator of OCM can group together users as a
list and classify them by a “Name” (Group1) as follows, which will replace the default security-ID ([READ] or
[WRITE]):
Click “Object Tree”
Choose “Add command to object class”
Type Object Class as “users”
Type Command Name as “GroupA”
In the “Enter Template” field, type “NEX” followed by a comma separated list of users to whom you want
to grant the access (the list can also contain SafeGuard aliases)
The “Sensitive command” checkbox may or may not be checked
Click on “Submit”
Allowing a set of users to execute a set of Commands
By adding the above command, the creator of OCM can change the “sec-id” of some commands from [WRITE]
to [Group1], and this will cause only the users mentioned in “Group1” to have access to those commands.