Global users are maintained external to the grid in a global directory service. When a global user first authenticates on the grid (for example, logs in to the CA AppLogic GUI), the global user is assigned a unique ID based on a user attribute in the global directory. For example, this may be the user SID or GUID in the case of Active Directory. Once a global user has authenticated for the first time, some information about that global user is maintained in the local directory service. This is necessary because CA AppLogic does not write any information to the global directory and because CA AppLogic only reads from the global directory at the time of global user authentication. The global user information maintained locally includes:
It should be noted that every user is a member of the implicit local group all. If this group is given, for example, grid_administrator access level rights on the grid ACL, then every user (local or global) obtains these rights.
Both local and global user names may include any UTF-8 character with the following exceptions:
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|