My BBSA deployment is on Linux and only manages Linux boxes.
I have several users roles defined and I would like to have the ability to do the following:
- A role will be mapped to root on all servers.
- Another role will be mapped to root only on a group of servers (actually my BBSA infrastructure servers)
- Another role will never be mapped to root but to its account.
The first and third item I already know how to accomplish.
But the second one, how can I make it happen? Only by applying the users.local file on the desired servers or is there another approach?
in the role's agent acl tab, set the mapping to root for unix. grant the role permissions to only the desired servers.