Previous Topic: GROUP-PWMANAGER AttributeNext Topic: File Ownership


Ownership

Every record in the database-including both accessor records and resource records-has an owner. When you add a record to the database, you can either explicitly assign its owner by using the owner parameter or let CA ControlMinder assign the user who defines the record as the owner of the record.

Accessors own a record if any of the following are true:

If you remove a user or group that owns records from the database, the records no longer have an owner.

Users who own records have the following access authority for the records they own:

Access

Description

Commands

Read

Show the properties of the record.

showusr, showgrp, showres, showfile

Modify

Change the properties of the record.

chusr, chgrp, chres, chfile

Delete

Remove the record from the database.

rmusr, rmgrp, rmres, rmfile

Connect

Join a user to a group or separate a user from a group.

join, join‑

If you do not want a user or group to have ownership authority over a particular record, assign the owner nobody to the record and to any resource group record that the record is a member of.

The limits of the ownership privileges are as follows: