Manage Users

Manage Users

How to Authorize a User to Work in CA Chorus

The security administrator authorizes users to work in CA Chorus (platform and disciplines). For CA Chorus, the security administrator must perform the following tasks:

• Authorize and confirm each user UNIX System Services (USS) environment.
• Authorize users to work in CA Chorus and its disciplines using the applicable External Security Manager (ESM).

Note: CA Chorus defines security resources in class CAMFC. You can remove the CAMFC resource class and user access permissions to restrict access and prevent specific users from logging in to the product.

To perform these authorizations, the security administrator uses CA ACF2, CA Top Secret, or IBM RACF.

Note: For more information, see the scenario "How to Authorize users to Work in CA Chorus" on the CA Chorus bookshelf.

How to Identify and Correct an Access Rights Problem

As a security administrator, modifying access rights for resources within your scope is a task that you regularly perform. This task is important because it:

• Ensures that users have appropriate access to resources.
• Enables users to access the appropriate resources quickly and remain productive.

This example describes how you can use CA Chorus and CA Top Secret to identify and correct an access rights problem, and then verify that you have corrected the problem.

In this example, you have just received a service desk ticket with the following information:

• An employee does not have proper access rights to information that is critical for the job.
• The employee has opened a helpdesk ticket to correct the problem.
• The manager confirms that you should give access to the employee.
• The employee has provided the name of a colleague who already has access to this information.

Your research indicates that the employee needs read access to a particular data set.

Perform these tasks to identify and correct the access problem:

1. Identify the missing role.
2. Modify access rights.
3. Verify the New Access.