1 of 1 people found this helpful
Unfortunately you can't limit access to the Planning domain, e.g. hide it from unauthorised users. It would be great if you could.
All you can do is limit the access people have to the Planning functions to prevent them doing any damage!
1 of 1 people found this helpful
There are security options on Control-M that can allow you to limit access to specific entities, these exist on the Control-M Server and the EM Authorisations.
The Control-M Server settings can be somewhat complex and you should test first (and consider if it is worth the trouble). I would recommend going with the Enterprise Manager settings first (shown second here) and testing.
Basically you would switch Control-M Server security "on" (via the main config menu in ctm_menu) and then use ctmsec to define access for the various groups (if you want everybody to stay with "unfettered" access then simply define groups as */*). Then in the ctmsec utility-
| CONTROL-M SECURITY MAINTENANCE UTILITY |
| Main Menu |
1) User Maintenance
2) Group Maintenance
3) Scheduling Table Authorization
4) Active Jobs File Authorization
5) Entities Authorization
Select option 5 and limit the calendar access for the "problem" group there. This will not grey out the option in the GUI but it will stop unauthorised users from uploading changes.
Alternatively (or in addition, if you really want to stop the users from doing this) you can change the access on the Enterprise Manager side (which can be completely separate from Control-M Server Security, depending on how you have configured the system) and do this from the CCM -
Assigning a Calendar authorization
This procedure describes how to assign a Calendar authorization for a Control-M/EM user or group, which enables you to limit the actions a user can perform on a calendar.
To assign a Calendar authorization:
- From the Security tab, in the Security group, click Authorizations. class="listcontinue"
- Do one of the following:
- If you want to define a Calendar authorization for a Control-M/EM user, select the Users tab and double-click the user that you want to apply an authorization.
- If you want to define a Calendar authorization for a Control-M/EM group, select the Group tab and double-click the group that you want to apply an authorization.
- Select the Calendars tab and click . class="listcontinue"
- For each field, type or select the required value, as described in Calendar authorizations and then click OK. class="listnote"
The settings are as follows -
Calendar authorizations grant users access to specific calendars in Control-M and an authorization level for each calendar, as described in the following table:
Determines one of the following access levels for each user and group:
- None: Disables the user from viewing, adding, editing, and deleting objects in Control-M
- Browse: Enables the user to view and refresh objects in Control-M
- Update: Enables the user to add and edit objects in Control-M
- Full: Enables the user to add, edit, and delete objects in Control-M
- Default: Inherits the authorizations from the associated group
Defines the name of the Control-M/Server (or Control-M for z/OS) that processes the job.
Define the name of the calendar that the user has access to based on the access level.