Specifying object attribute values
The following values are allowed for each object attribute
(see in parenthesis the corresponding object type and object attribute
for the composer command line interface):
- Name (name)
- Specifies one or more names for the object type.
- For the Files (file) object type, the following
values apply:
- globalopts
- Allows the user to set global options with the optman command.
The following access types are allowed:
- Display access for optman ls and optman show
- Modify access for optman chg
- prodsked
- Allows the user to create, extend, or reset the production plan.
- security
- Allows the user to manage the security file.
- Symphony
- Allows the user to run stageman and JnextPlan.
- trialsked
- Allows the user to create trial and forecast plans or to extend trial plans.
Note: Users who have restricted access to files should be given at least the following privilege to be able to display other object types that is, Calendars (calendar) and Workstations (cpu):file name=globalopts action=display - For the Variable Tables (vartable) object type, you can use the $DEFAULT value for the Name (name) attribute to indicate the default variable table. This selects the table that is defined with the isdefault attribute.
- For the Files (file) object type, the following
values apply:
- Workstation (cpu)
- Specifies one or more workstation, domain, or workstation class
name. If this attribute is not specified, all defined workstations
and domains can be accessed. Workstation variables can be used:
- $MASTER
- The HCL Workload Automation master domain manager.
- $SLAVES
- Any fault-tolerant agent.
- $REMOTES
- Any standard agent.
- $THISCPU
- The workstation on which the user is running the HCL Workload Automation command or program.
If you use composer command line to define security domains, the following syntax applies:cpu=workstation[,workstation]... - Custom (custom)
- Use this attribute to assign access rights to events defined in event plug-ins. The precise syntax of the value depends on the plug-in. For example:
- Specify different rights for different users based on SAP R/3 event names when defining event rules for SAP R/3 events.
- Define your own security attribute for your custom-made event providers.
- Specify the type of event that is to be monitored. Every event can refer to an event provider.
If you use composer command line to define security domains, the following syntax applies:custom=value[,value]... - JCL (jcl)
- Specifies the command or the path name of a job object's executable
file. If omitted, all defined job files and commands qualify.
You can also specify a string that is contained in the task string of a JSDL definition to be used for pattern matching.
If you use composer command line to define security domains, the following syntax applies:jcl="path" | "command" | "jsdl" - JCL Type (jcltype)
- Specifies that the user is allowed to act on the definitions of
jobs that run only scripts (if set to scriptname)
or commands (if set to docommand). Use this optional
attribute to restrict user authorization to actions on the definitions
of jobs of one type only. Actions are granted for both scripts and
commands when JCL Type (jcltype) is missing.
A user who is not granted authorization to work on job definitions that run either a command or a script is returned a security error message when attempting to run an action on them.
If you use composer command line to define security domains, the following syntax applies:jcltype=[scriptname | docommand] - Logon (logon)
Specifies the user IDs. If omitted, all user IDs qualify.
You can use the following values for the Logon (logon) attribute to indicate default logon:- $USER
- Streamlogon is the conman/composer user.
- $OWNER
- Streamlogon is the job creator.
- $JCLOWNER
- Streamlogon is the OS owner of the file.
- $JCLGROUP
- Streamlogon is the OS group of the file.
If you use composer command line to define security domains, the following syntax applies:logon=username[,username]...- Provider (provider)
-
For Actions (action) object types, specifies the name of the action provider.
For Events (event) object types, specifies the name of the event provider.
If Provider (provider) is not specified, no defined objects can be accessed.
If you use composer command line to define security domains, the following syntax applies:provider=provider_name[,provider_name]... - Type (type)
-
For Actions (action) object types, is the actionType.
For Events (event) object types, is the eventType.
For Workstations (cpu) object types, the permitted values are those used in composer or the Dynamic Workload Console when defining workstations, such as manager, broker, fta, agent, s-agent, x-agent, rem-eng, pool, and d-pool.Note: The value master, used in conman is mapped against the manager security attributes.If Type (type) is not specified, all defined objects are accessed for the specified providers (this is always the case after installation or upgrade, as the type attribute is not supplied by default).
If you use composer command line to define security domains, the following syntax applies:type=type[,type]... - Host (host)
- For Actions (action) object types, specifies the TEC or
SNMP host name (used for some types of actions, such as sending TEC
events, or sending SNMP). If it does not apply, this field must be
empty.If you use composer command line to define security domains, the following syntax applies:
host=host_name - Port (port)
- For Actions (action) object types, specifies the TEC or
SNMP port number (used for some types of actions, such as sending
TEC events, or sending SNMP). If it does not apply, this field must
be empty.If you use composer command line to define security domains, the following syntax applies:
port=port_number