Security in CA ITCM has the following levels:
Authentication identifies members of trusted computing authorities based on the credentials provided. Trusted computing authorities for CA ITCM include the following:
These security principals are mapped to the security profiles to grant the access permissions. You can also authorize users from trusted Windows domains to access CA ITCM. This means, administrators of the enterprise manager can access the domain manager with the same account name and password, even if they are in different Windows domains, provided that trust relationships have been established.
For example, if the DSM domain manager SRVDMGR01 is in the Windows domain DM01 that has a trust relationship with another Windows domain DM02, the users and groups in both the security authorities can be granted access rights to CA ITCM .
On Windows, CA ITCM supports Microsoft Unified Logon. This means that every time you open the DSM Explorer, it connects to the DSM domain manager using the credentials of the currently logged in user. You can, however login as a different user.
Note: The term Windows refers to the Microsoft Windows operating system, including Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008. Unless specifically designated, Windows refers to any supported Microsoft Windows operating system.
You can grant access rights to a user or group in the Security Profiles dialog.
Authorization (also known as permissions) controls the rights and privileges associated with an authenticated entity, typically, the logged-in user. You can define authorization at the class, group, object, and area levels.
Specifies the access permissions for a class. Permissions specified at this level are applicable to all the objects in this class. For example, the permissions given in the Computer class are applicable to all the computers in the domain.
Specifies the access permissions for a computer or user group. Permissions specified at this level overrides the class permissions.
Specifies the access permissions for an object. Permissions specified at this level overrides the group permissions.
Specifies the access permissions for an area. Permissions specified at this level controls the access rights to the member objects and users of the area.
Note: You can authorize only those users or groups who have access rights to the CA ITCM system. For more information on Authentication and Authorization, see the Implementation Guide.
|
Copyright © 2013 CA.
All rights reserved.
|
|