We have EEM configured with APM 9.7 :
Looking into setting up users and groups giving access on a per domain basis - ie:
User A has access/visibility to domain A (and hide all other domains)
User B has access/visibility to domain B, C, D (and hide the rest)
Likewise user group A has access to domain A etc etc ...
Having read all the APM documentation its still not clear to me that this is possible ? or a limitation ?
If it is possible could you advise on how this is achieved ? assuming this is possible it will be using the safex cmd and create some xml actions ?
I have not tested this myself but I would have thought your scenario should be possible by creating explicit grant & deny policies in EEM for the various domains and assigning to the relevant users.
Managed to test this out and it seems to work as I expected - see attached steps for EEM global users I created but same should apply if you are using LDAP at the backend.
There is possibly a more efficient way in EEM to achieve the final required access limitations, but I have not gone into that.
Hope this helps
This is the perfect setup details for configuring users for a domain. This example should be included in the documentation for EEM.
Thanks for the feedback.
I also have KB for this (http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec1465734.aspx ), but I will request if the example can be included in the APM Security section for EEM.
Let us know if Lynn's posts answers your questions or if there are any followup questions
Nope Lynn came up with the goods - much appreciated, cheers.