CA ControlMinder supports the following types of users, that are used for managing resources in the CA ControlMinder database:
Your organization's in‑house end users—the people who carry out the business of your organization. You can limit regular users' access to the system with both the native OS and CA ControlMinder.
Regular users who have been given the ability to perform one or more specific administrative tasks. When regular users are given the ability to carry out specific administrative functions, the workload of the administrator is lessened. In CA ControlMinder, this is called task delegation.
Users who have the highest authority within the native OS and CA ControlMinder. Administrators can add, delete, and update users and can perform almost all administrative tasks. With CA ControlMinder, you are able to limit the abilities of the native superuser. You can allocate administration tasks to specific users whose accounts are not automatically known. This means that it is not immediately clear to an intruder which user performs administrative tasks.
Users who can perform most administrative functions, such as adding, deleting, and updating users, within one particular group. This type of user, with its particular, limited authority, is not found in native Windows.
Users who have the authority to change the password of other users. A password manager cannot change other user attributes. This type of user is not found in the native OS.
Users who have the authority to change the password of other users in one particular group. A group password manager cannot change other user attributes for users within the group. This type of user is not found in the native OS.
Users who have the authority to read audit logs. They also determine the kind of auditing done on each login and each attempt to access a resource. This type of user is not found in the native OS.
Users who can read audit logs relevant to their group. They also have the authority to determine the kind of auditing done within a particular group. This type of user is not found in the native OS.
Users who can display (read) all the information in the database, shut down CA ControlMinder, and use the secons utility to perform tasks such as manage CA ControlMinder tracing and display run-time statistics. This type of user is not found in the native OS.
Note: For more information about the secons utility, see the Reference Guide.
Users who can display all the information in the database for the group in which they are defined. This type of user is not found in the native OS.
A special type of user that is really a process, which can ask for authorization for other users.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|