Our APM/CEM is integrated with EEM for LDAP. I have created a DL which is called "APM PowerUsers" which I have added to
System Adminstrative Setting write
System Configuration Settings capture comprehensive defect details
System Configuration Settings write
Yet my power user are not able to see detailed Defects info "HTTP Info" under Incident management tab
Any idea what I need to do in EEM to get them to see the HTTP Info which shows up below the "Web Server Info" in the screenshot above?
Thanks in advance
Looking at the default settings , You should see all of the Incident Page
When you use the EEM permissions test utility, does it pass? Is the EEM or EM log giving any errors/messages
Although the attachment is EEM+ CEM+ LDAP, it may give some ideas.
I also recall some KBs on this topic. (EEM and CEM)
If all that does not help, please open a case
Based on this document from Guenter_Grossberger I think you need to add "CEM Incident Analyst"
It is the "Business Service read sensitive data" access policy that is crucial
EEM Authentication and Authorization for CEM - CA Application Performance Management - 10.5 - CA Technologies Documentat…
The Business Service resource class also has two extra actions that are associated with it only: read and read sensitive data. In CA CEM, HTTP header information is attached to a defect. Having read sensitive data permission for a business service allows a CA CEM user to view the defect-related HTTP header information for that business service.
Lynn_Williams actually the "Business Service" resource has 4 diff access policies associated with it
So, you are saying the the DL I want to give access to read "HTTP Info", that DL (gug) needs to be part of the 4th policy shown above in the screenshot or should I copy that policy and rename it and leave the original alone? I would then I have create diff policy for each of the apps I am monitoring using CEM b/c our security model dictates that one app team should not have visibility into another apps' CEM info.
Yes it is the 4th policy action "read sensitive data"
With the security limitation you described yes for each group you want to limit the data access you will need to create a different Business Service Access Policy, assign the required actions and group - see step 7 in above pdf posted by Hal.
Here is the wiki section but it is not as detailed as the pdf
Setting the Security Groups for New Business Services - CA Application Performance Management - 10.5 - CA Technologies D…
Hope that helps
I've applied the changes and awaiting to hear back from my customer/user. I am pretty this will resolve the issue but if it doesn't then I'll reply to this thread.
Thanks again for all assistance.
harcr06 - FYI
I know we were discussing this last week during our health check on EEM integration privileges for proper access to CEM for "HTTP Info". This thread answers that.
Lynn's last comment about the policy setting is the likely culprit. We also have not heard anything further from you. So marking as answered. We welcome further updates and questions on this issue as warranted