|
|
|
You can administer CA Access Control policy from a central place using CA Access Control Endpoint Management and CA Access Control Enterprise Management, or by connecting to the computer with command line (selang) and updating the access rules directly on the computer.
To update the computer's access rules directly, you need write access on the terminal you are managing from and the admin attribute on the computer policy in the CA Access Control database.
By default, CA Access Control installation sets up terminal authority only for the local computer terminal. You can change that by either disabling this option from a local terminal or adding more terminals that can manage remotely.
To add the administration option for the terminal my_terminal to the computer my_machine using the user my_user, write the following selang rules:
er terminal my_terminal owner(nobody) defaccess(r) auth terminal my_terminal xuid(my_user) access(all)
These rules let everyone log in to this terminal (regular login, not CA Access Control management), and let enterprise user my_uid log in to the computer and use CA Access Control management tools (selang, CA Access Control Endpoint Management, and so on).
Note: If the administrators are using CA Access Control Endpoint Management to administer CA Access Control, you only need to define the computer where CA Access Control Endpoint Management is installed. You do not need to define the computer where the administrator opens the browser.
| Copyright © 2012 CA. All rights reserved. | Tell Technical Publications how we can improve this information |