WORKLOAD AUTOMATION COMMUNITY
  • Home
  • Blogs
  • Forum
  • Resources
  • Events
    • IWA 9.5 Roadshows
  • About
  • Contact
  • What's new

Who can do what? The new Workload Scheduler role-based security model

9/20/2017

7 Comments

 
Picture
Among the latest enhancements of Workload Scheduler product (also known as TWS – Tivoli Workload Scheduler) there is the new role-based security model to grant and revoke accesses and permissions to Workload Scheduler users.

Available from both Command Line Interface (composer) and web interface (Dynamic Workload Console) the new security model introduces some new concepts that simplifies the usage of the Security File.
​
In this post we will see how define accesses from the web console. 
​Manage Workload Security Page
This is the entry point to manage the security of Workload Scheduler. Here, you can access different functionalities in one-click (e.g. view access permission for a certain user or group!)
Picture
Per the new security model, new objects that you can define from the Manage Workload Security page of the web console are:

Security Role
Each role is a set of actions that user or groups can do on Workload Scheduler objects. Permissions are organized in meaningful sections with predefined subsets: pick yours with just one-click if they fit your needs!

For example, the section Manage Event Rules provide No Access, Read-Only, Full Access (with predefined set of permissions) and Custom mode (where you can customize each single action).

For each permission there is an association with the security file keywords and a detailed explanation of both general section and single permission itself.
Picture
Security Domain
Each domain represents the set of scheduling objects that users or groups can manage. There is available a bunch of filters you can associate to a domain and create your subset of workload that needs to be associated to someone.
You can choose two way of using the Security Domain definition:

- Simple: just specify a set of rules that will apply on all the scheduling objects of the scheduler. If you are using a general name convention to organize your objects, you can specify a rule as follows:
Picture
In this way, user that belong to MY_SECURITY_DOMAIN can see only objects that starts with MY_SUBSET (asterisk is used as wildcard) name but that doesn’t belong to workstation WKS01.

In fact, property match can be inclusive or exclusive. The Interface shows AND and OR keywords to let you better understand how the filter will be evaluated.

Moreover, multiple rules can be specified to create a larger domain (e.g. objects that starts with AA01 and BB01)

- Complex: you can specify permission in the same way but for each Workload Scheduler object ​
Picture
Using the “complex” mode, not only Name and Workstation filters can be specified, but for each object you will find a different set of rules that you can specify.

Access Control List
Each access control list is defined assigning roles to users or groups, on a certain security domain.
​
For users and groups, if available, all the users configured to work with Workload Scheduler are automatically showed in a filterable list. You can also specify a user/group that is not in the picklist of available names.
Picture
​As soon you associate a user/group with a set of roles on a specific domain, the user interface automatically suggest you a set of roles you can associate to a Dynamic Workload Console user that will leverage this ACL.
Picture
​If you are working with LDAP, a good way to customize your ACL is to use groups to simplify security definition.
Picture
Each of these new objects can be fully managed from a single point of control (the initial page showed at the beginning of this post).

​Clicking on Manage Access Control List a table with the full list of ACLs is shown. From here you can edit, delete, create objects and see previous versions of the objects.
Picture
Picture
Francesco Brillante
Software Engineer
Workload Automation
Connect with me on Twitter @brillanteNA
Follow the Transparent Development Community!

Francesco is a Software Engineer and Scrum Master experienced in full-stack web development and design. He has worked in the Workload Automation area since 2013 and is currently based in the HCL Products and Platforms Rome software development laboratory. He comes from southern Italy and is a pizza expert, rock music lover, JavaScript geek and SSC Napoli supporter! ​​
7 Comments
security access control atlanta link
12/1/2017 08:40:31 am

Owners of businesses need to know who comes in and out of the building. This kind of knowledge is important for reasons including security and safety. The problem, however, is that tracking every single person who enters and exits the building would be difficult, and hiring a security company to monitor the building can be expensive.

Reply
security access control atlanta link
12/1/2017 08:41:24 am

Owners of businesses need to know who comes in and out of the building. This kind of knowledge is important for reasons including security and safety. The problem, however, is that tracking every single person who enters and exits the building would be difficult, and hiring a security company to monitor the building can be expensive.

Reply
how to start your own security company link
3/26/2018 10:08:12 am

This is a great inspiring article.I am pretty much pleased with your good work.You put really very helpful information. Keep it up. Keep blogging. Looking to reading your next post.

Reply
Broken key in ignition Carefree AZ link
7/24/2018 10:54:55 am

Locksmiths come in handy when you have locked yourself out of your home and you can't get back in or when for different reasons you have lost your keys. The lock cylinders in a home might also need rekeying at some point or you might have the need to change the locks around your home. They are all services that can be offered by residential locksmiths in and around your place of residence. Locksmith companies specialize in home security systems and high security upgrades.

Reply
security company link
9/8/2018 07:34:36 am

Almost always, security guard rates are determined on an hourly basis. Large cities generally cost more for guard service.

Reply
locksmith perth link
7/12/2019 01:17:03 am

All workmanship and products are guaranteed and we pride ourselves on offering outstanding value for money,

Reply
what is cyber security link
4/4/2020 02:49:58 pm

Thanks for the blog post buddy! Keep them coming...

Reply

Your comment will be posted after it is approved.


Leave a Reply.

    Archives

    March 2023
    February 2023
    January 2023
    December 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    January 2020
    December 2019
    November 2019
    October 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017

    Categories

    All
    Analytics
    Azure
    Business Applications
    Cloud
    Data Storage
    DevOps
    Monitoring & Reporting

    RSS Feed

www.hcltechsw.com
About HCL Software 
HCL Software is a division of HCL Technologies (HCL) that operates its primary software business. It develops, markets, sells, and supports over 20 product families in the areas of DevSecOps, Automation, Digital Solutions, Data Management, Marketing and Commerce, and Mainframes. HCL Software has offices and labs around the world to serve thousands of customers. Its mission is to drive ultimate customer success with their IT investments through relentless innovation of its products. For more information, To know more  please visit www.hcltechsw.com.  Copyright © 2019 HCL Technologies Limited
  • Home
  • Blogs
  • Forum
  • Resources
  • Events
    • IWA 9.5 Roadshows
  • About
  • Contact
  • What's new