HCL Workload Automation, Version 9.4

Specifying object attribute values

The following values are allowed for each object attribute (see in parenthesis the corresponding object type and object attribute for the composer command line interface):
Name (name)
Specifies one or more names for the object type.
  • For the Files (file) object type, the following values apply:
    globalopts
    Allows the user to set global options with the optman command. The following access types are allowed:
    • Display access for optman ls and optman show
    • Modify access for optman chg
    prodsked
    Allows the user to create, extend, or reset the production plan.
    security
    Allows the user to manage the security file.
    Symphony
    Allows the user to run stageman and JnextPlan.
    trialsked
    Allows the user to create trial and forecast plans or to extend trial plans.
    Note: Users who have restricted access to files should be given at least the following privilege to be able to display other object types that is, Calendars (calendar) and Workstations (cpu):
    file  name=globalopts  action=display
  • For the Variable Tables (vartable) object type, you can use the $DEFAULT value for the Name (name) attribute to indicate the default variable table. This selects the table that is defined with the isdefault attribute.
Workstation (cpu)
Specifies one or more workstation, domain, or workstation class name. If this attribute is not specified, all defined workstations and domains can be accessed. Workstation variables can be used:
$MASTER
The HCL Workload Automation master domain manager.
$SLAVES
Any fault-tolerant agent.
$REMOTES
Any standard agent.
$THISCPU
The workstation on which the user is running the HCL Workload Automation command or program.
If you use composer command line to define security domains, the following syntax applies:
cpu=workstation[,workstation]...
Custom (custom)
Use this attribute to assign access rights to events defined in event plug-ins. The precise syntax of the value depends on the plug-in. For example:
  • Specify different rights for different users based on SAP R/3 event names when defining event rules for SAP R/3 events.
  • Define your own security attribute for your custom-made event providers.
  • Specify the type of event that is to be monitored. Every event can refer to an event provider.
If you use composer command line to define security domains, the following syntax applies:
custom=value[,value]...
JCL (jcl)
Specifies the command or the path name of a job object's executable file. If omitted, all defined job files and commands qualify.

You can also specify a string that is contained in the task string of a JSDL definition to be used for pattern matching.

If you use composer command line to define security domains, the following syntax applies:
jcl="path" | "command" | "jsdl"
JCL Type (jcltype)
Specifies that the user is allowed to act on the definitions of jobs that run only scripts (if set to scriptname) or commands (if set to docommand). Use this optional attribute to restrict user authorization to actions on the definitions of jobs of one type only. Actions are granted for both scripts and commands when JCL Type (jcltype) is missing.

A user who is not granted authorization to work on job definitions that run either a command or a script is returned a security error message when attempting to run an action on them.

If you use composer command line to define security domains, the following syntax applies:
jcltype=[scriptname | docommand]
Logon (logon)

Specifies the user IDs. If omitted, all user IDs qualify.

You can use the following values for the Logon (logon) attribute to indicate default logon:
$USER
Streamlogon is the conman/composer user.
$OWNER
Streamlogon is the job creator.
$JCLOWNER
Streamlogon is the OS owner of the file.
$JCLGROUP
Streamlogon is the OS group of the file.
If you use composer command line to define security domains, the following syntax applies:
logon=username[,username]...
Provider (provider)

For Actions (action) object types, specifies the name of the action provider.

For Events (event) object types, specifies the name of the event provider.

If Provider (provider) is not specified, no defined objects can be accessed.

If you use composer command line to define security domains, the following syntax applies:
provider=provider_name[,provider_name]...
Type (type)

For Actions (action) object types, is the actionType.

For Events (event) object types, is the eventType.

For Workstations (cpu) object types, the permitted values are those used in composer or the Dynamic Workload Console when defining workstations, such as manager, broker, fta, agent, s-agent, x-agent, rem-eng, pool, and d-pool.
Note: The value master, used in conman is mapped against the manager security attributes.

If Type (type) is not specified, all defined objects are accessed for the specified providers (this is always the case after installation or upgrade, as the type attribute is not supplied by default).

If you use composer command line to define security domains, the following syntax applies:
type=type[,type]...
Host (host)
For Actions (action) object types, specifies the TEC or SNMP host name (used for some types of actions, such as sending TEC events, or sending SNMP). If it does not apply, this field must be empty.
If you use composer command line to define security domains, the following syntax applies:
host=host_name
Port (port)
For Actions (action) object types, specifies the TEC or SNMP port number (used for some types of actions, such as sending TEC events, or sending SNMP). If it does not apply, this field must be empty.
If you use composer command line to define security domains, the following syntax applies:
port=port_number