Sample: Authorize a User with CA Top Secret

How to Authorize Users to Work in CA Chorus › Authorize Users to Work in CA Chorus › Sample: Authorize a User with CA Top Secret

Sample: Authorize a User with CA Top Secret

Use this procedure to identify the users that can log in to CA Chorus. Additionally, you can authorize users to do the following tasks:

Index content in the Knowledge Center. Indexing the content lets the user add or remove documentation from this repository.
Use the auto-refresh option. This option refreshes the data that appears in the CA Chorus UI whenever the back-end data changes.

Note: The commands in this procedure are samples. For detailed information about using these commands, see the CA Top Secret Command Functions Guide and CA Top Secret Control Options Guide.

As you set up user authorizations, consider the following points:

Longer entity names where a single level is longer than 8 bytes do not lend themselves to using an asterisk mask. We recommend a floating point mask.
Be careful when using prefixed permissions because you can impact multiple calls and not just the discipline login itself.

To define user access permissions, enter the following commands:

TSS PERMIT(acid1) CAMFC(resource-name) ACCESS(READ)
TSS PERMIT(acid2) CAMFC(resource-name) ACCESS(READ)
...
TSS PERMIT(acidn) CAMFC(resource-name) ACCESS(READ)

resource-name

Identifies the CA Chorus resource that the user is permitted to access.

CHORUS.ROLE.DB2DBA

Controls access to CA Chorus for DB2 Database Management functions. CA Chorus Infrastructure Management for Networksand Systems offers data from CA Insight, but the resource is not required for this discipline.

CHORUS.ROLE.INFRASTRUCTURE

Controls access to CA Chorus Infrastructure Management for Networksand Systems functions.

CHORUS.ROLE.SECURITY

Controls access to CA Chorus for Security and Compliance Management functions (UI and batch).

CHORUS.ROLE.STORAGE

Controls access to CA Chorus for Storage Management functions.

CHORUS.ROLE.SDKinstance

Controls access to an SDK. CA Chorus can support multiple SDKs. Work with the system administrator and application developer to define and share this name. We recommend that the application developer use this name to build the files necessary to support the SDK. For more details, see the Software Development Kit User Guide.

instance: An alphanumeric string to identify this resource for your SDK.

Important! Use unique names for your SDK instance. Be aware of like-named SDK instances because you can erroneously apply permissions. For example, CHORUS.ROLE.SDKROLE1 and CHORUS.ROLE.SDKROLE123 would have the same permissions. The same masking restrictions apply for letters and numbers.

CHORUS.SETTINGS.KNOWLEDGECENTER

Indicates that the user can index content in the Knowledge Center.

CHORUS.SETTINGS.AUTOREFRESH

Indicates that the user can use the auto-refresh option.

acid1, acid2, ..., acidn

Identifies the ACID of the CA Chorus user requesting access. The ACID can be a user or a profile.

READ

Indicates that the user has READ access.

The user has access to the specified resources and can log in and work in CA Chorus.

Example

The following commands grant user ABC1 the following abilities:

Log in to CA Chorus.
Use the functions of CA Chorus for DB2 Database Management.
Modify the documentation in the Knowledge Center.

Use the auto-refresh option.

TSS PERMIT(ABC1) CAMFC(CHORUS.ROLE.DB2DBA) ACCESS(READ)
TSS PERMIT(ABC1) CAMFC(CHORUS.SETTINGS.KNOWLEDGECENTER) ACCESS(READ)
TSS PERMIT(ABC1) CAMFC(CHORUS.SETTINGS.AUTOREFRESH) ACCESS(READ)