5 Replies Latest reply on Feb 20, 2012 8:17 AM by Monoj Padhy

    ACL Policy Behaviour

    Monoj Padhy

      Hi,

       

      Could anyone know why the ACL policy unable to take effect immediately in case of server.read and server.browse authorizations ?

       

      Thanks,

       

      Monoj

        • 1. Re: ACL Policy Behaviour

          Did you push ACL’s to the server after you added them?

           

          Adam Bowen

          phone: 304.916.7673

           

           

          cid:image003.jpg@01CCEB19.2987B0D0<http://www.bmc.com/

          • 2. Re: ACL Policy Behaviour
            Bill Robinson

            Also – what do you mean by ‘take effect’ ?  can you see the server object after applying the acls w/ the new role? or is it just live browse that doesn’t work?

            • 3. ACL Policy Behaviour
              Monoj Padhy

              HI,

               

              I have created a acl policy that contain server.read and server.browse and applied on a particular server.

               

              Everything worked fine but when i modified the acl policy by removing the server.browse and server.read , i did not find any changes to the server.

              I am still able to browse the server.

               

              But according to the documents it states that any changes to the acl policy reflected without replying the policy to the object(here the server).

               

              This concept works fine for other authorizations like server.startservice, server.modify .

              but i am unable to understand why it does not behave as expected in case of server.read and server.browse ?

               

              Thanks,

              Monoj

              • 4. Re: ACL Policy Behaviour
                Bill Robinson

                What do you mean by browse the server?  through the gui ?

                 

                What other permissions are on the server – either via the aclp or directly associated w/ the object?

                • 5. ACL Policy Behaviour
                  Monoj Padhy

                  Hi Bill,

                   

                  I have applied a acl policy on a server that contain the following authorizations.

                   

                  server.read

                  server.browse

                   

                  After that i removed the server.browse from the acl policy and noticed that still i am able to browse the browse.

                   

                  Just for testing purpose i created another acl policy wih the following authorizations.

                   

                  server.read

                  server.browse

                  server.startservice

                  server.stopservice

                   

                  By appling this i am able to start and stop the services of the server. when i removed server.stopservice from the acl policy , the stop option is disabled and i  am unable to stop any of the services (without reappling the acl policy to the server the changes are reflecting but in the previous case i have to reapply the policy on the server to reflect the changes made to the policy)

                   

                  So i am suprised why in case of server.browse and server.read the acl policy is not reflecting the changes its reflection when we change the policy ?

                   

                  Thanks,

                   

                  Monoj