|
|
|
CA Access Control has a maintenance mode, also known as silent mode, for protection when the CA Access Control services are down for maintenance. In this mode, CA Access Control denies events while these services are down.
When CA Access Control is running, it intercepts security sensitive events and checks whether the event is allowed. Without activating maintenance mode, all events are permitted when CA Access Control services are down. With active maintenance mode, events are denied when CA Access Control services are down, stopping user activity while the system is maintained.
Maintenance mode can be tuned, and it is disabled by default.
When the CA Access Control security services are down:
When maintenance mode is activated and security is down, the prevented events are not logged in the audit log file.
To enable maintenance mode, follow these steps:
\HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\FsiDrv
and change the following values:
The special_admins variable defines a list of user names that are allowed to access the computer while CA Access Control services are down.
Use a new line for each user. Whether specified or not, SYSTEM is always a maintenance mode user.
Note: On Windows 2000 and Windows NT you cannot use regedit to edit the SilentModeAdmins key; use Regedt32.exe instead.
Now, if CA Access Control services are down, only users that are listed under SilentModeAdmins registry key will have access to the computer, and all other users will receive a deny to any attempt of activity.
| Copyright © 2012 CA. All rights reserved. |
|