By this step, the user who issued the AUTOLOG or XAUTOLOG command already has authorization to autolog the target machine. This step preserves the individual accountability of group machines (machines with the GRPLOGON privilege) for audit purposes.
CA ACF2 for VM checks the logonid of the target machine for the GRPLOGON privilege. If GRPLOGON is specified, the name of the initiator machine becomes associated with the name of the target machine. For example, the initiator appears in all CA ACF2 for VM reports as the logonid. The target appears as the jobname. This corresponds with how CA ACF2 for VM generates reports for group virtual machines.
For any other machines that this group machine subsequently autologs, the name of the original initiator (the machine that first autologged the group machine) is still identified as the logonid in the CA ACF2 for VM reports. The original initiator of the group machine is accountable for all of that machine's subsequent actions.
An autologged target group machine goes through autolog resource validation, but not group logon resource validation. Group logon resource validation applies only when group machines are trying to gain access to the system through logon.
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|