Client Automation Security Features › Authorization › Overview of Permissions › Area Permissions › Preconditions for Object Access in Areas
Preconditions for Object Access in Areas
The following conditions must be fulfilled before the area permission of the user is evaluated:
- The user must have object access (View or Read) to the object.
- The security area support on the domain manager must be enabled.
- All security profiles that the user is member of must be enabled for security area support.
If the first condition is not fulfilled, the object access for the user is denied regardless of the second and third condition. If the second or third condition is not fulfilled, the user will not be restricted based on the area permissions and be allowed to access all the objects.
Notes:
- All objects are accessible to the users who are members of security area disabled security profiles. We recommend that the administrator ensures that all security profiles are enabled for security area support.
- Security area support is not available on the DSM enterprise managers.
- The “Distributions” profile is the only built-in profile that can be enabled for security area support. All other built-in profiles are disabled for security area support.
- Objects belonging to the "Procedure" or "Software Job" security classes cannot be linked to any security area within the DSM Explorer. They are automatically linked to the areas their parent containers, "Software Package" and "Software Job Container", are linked to.
Copyright © 2014 CA Technologies.
All rights reserved.
|
|