Part of the role of the security administrator is to tell the system users what they need to know to work without disruption when CA ControlMinder is installed.
The amount of detailed information each user needs to know about CA ControlMinder depends on the functions you authorize the person to use. Examples of information required by various types of system users include the following:
How to check out and check in privileged account passwords and understand when to request access to privileged accounts and when to break glass.
Be familiar with migration considerations and with the steps required to install or reinstall CA ControlMinder. Users who maintain the database must be familiar with the database utilities.
Users with the AUDITOR attribute should be familiar with the auditing tools (CA ControlMinder Endpoint Management and the seaudit utility).
Note: For more information about the seaudit utility, see the Reference Guide.
Programmers can use the CA ControlMinder* function library in their applications to request security‑related services, including controlling access to protected resources (by using the SEOSROUTE_RequestAuth function). Your installation can create installation‑defined resource classes. If your installation creates records in those classes, an application can issue a SEOSROUTE_RequestAuth command to check whether a user has sufficient authority to complete an action. The level of authority required for a particular user action is determined by the way the application invokes the SEOSROUTE_RequestAuth function.
Note: For more information about the CA ControlMinder API, see the SDK Guide.
Programmers writing authorized applications (programs that run with the SERVER attribute) can use the CA ControlMinder* function library to request security‑related services, including:
Copyright © 2013 CA Technologies.
All rights reserved.
|
|