3 Replies Latest reply on Oct 11, 2010 7:40 PM by Bill Robinson

    Automating Permission Updates to newly added servers

    Amir Khamis

      Hi Guys,

      got a question to run by you.

      If we simply add a server to BL as BLAdmins and then we need some type of security admin to have access to this server, perhaps read only on certain things.  without specifying that as part of adding the server can that be automated? in other words: can someone in the GUI add a server and it will automatically have BLAdmins and security admins added to this server permissions? so when the ACL push job runs, users config file will have both BLAdmins and security admins.

      the reason I ask because people forget to perform this manual step and I am ending up manually appending the permissions on all servers for the security admin team.

      I created an ACL policy, added to it both BLAdmins and Securityadmins permissions, I then created an ACL Template and added to the new acl template the new acl policy I created.  I then updated the bladmin role to use the newly created template as default.,  that did not help, I still need to manually append securityadmins permissions!

      thanks for any help on this.

        • 1. Re: Automating Permission Updates to newly added servers
          Bill Robinson

          Create an ACL Template.

          Put the roles/permissions in there that you want set on the objects.

          On all the roles that add servers, make this the ‘default object permissions template’.

           

          Alternatively:

          Create an acl policy w/ the acls

          Create an acl template

          Put the acl policy in the acl template

          On all the roles that add servers, make this acl template the ‘default object permissions template’.

          • 2. Re: Automating Permission Updates to newly added servers
            Amir Khamis

            Thanks Bill,

            that was exactly what I tried before coming here.  so while adding a server in 7.6 and I am at "Add New Server Step 2 of 2 (Permissions)) there is an option there is a button"Agent ACL's Preview".  if I press on it, I don't see security admins! I only see BLAdmins in the preview.  if I keep going and add the server completely and then preview the ACL's that screen has the right information on it.  so when validating using this quick button I thought that I am doing something wrong and there must be a diffrent procedure.  I guess I will let support know, perhaps this is done like this by design, but very confusing.

            thanks again for the quick reply, I am good for now knowing not to depend on the quick preview.

            • 3. Re: Automating Permission Updates to newly added servers
              Bill Robinson

              That’s interesting.  Maybe because that acls have not been applied yet to the object the preview does not show the additional role mappings?  That is confusing.