Controlling Access to ACLs
By default, the Integrity Lifecycle Manager ACLs are installed to allow read and update access by the group called everyone. Depending on your chosen format for server authentication, this could mean that everyone in your organization who can be authenticated on the Integrity Lifecycle Manager server can have access to making updates to the ACLs.
Access to managing ACLs is through the Authorization Administration application. You can manage ACLs using the Integrity Lifecycle Manager administration client, Integrity Lifecycle Manager client, or CLI.
The CLI man pages provides details on managing ACLs using the CLI. To see the same details online, you can type man aa from the CLI, or you can see reference pages for specific commands by typing man acls, man aaaddaclentry, and so forth.
As the system administrator, one of your first tasks is to refine the ACLs so that access to Authorization Administration is appropriately restricted. Once you modify or create the necessary ACLs, the information is dynamically loaded by the Integrity Lifecycle Manager server. You do not have to restart the server.
|
If multiple administrators work in the Permissions views, changes update dynamically as the server refreshes the changed view each time it is newly accessed by another user.
If two administrators concurrently edit the same entry, the view cannot be updated and the system processes the changes that are received first. The second user is prompted that the operation cannot be completed.
|