ITM V6.3 - Using tivcmd commands to control access to resources displayed in monitoring dashboards
ericfreeman 270003XHWF Visits (3863)
You can run the tivcmd commands to create and work with authorization policies that control access to resources displayed in monitoring dashboards in the IBM Dashboard Application Services Hub. The tivcmd commands send requests to the Tivoli Authorization Policy Server application which maintains the master set of authorization policies. For more information on authorization policies and assigning policy administrators, see "Using role-based authorization policies" in the ITM Administrator's Guide.
To use the tivcmd commands, you must install the tivcmd Command Line Interface for Authorization Policy component on the system where you intend to run the commands. The Tivoli Authorization Policy Server component must be installed into the IBM Dashboard Application Services Hub. For more details, see the ITM Installation and Setup Guide.
The tivcmd command is installed into the <install_dir>/bin directory where <install_dir> is the directory where you installed the tivcmd Command Line Interface for Authorization Policy component. Within a Windows environment, the command name is tivcmd.exe. Within a UNIX or Linux environment, the command name is tivcmd.
Before you can use the tivcmd commands to create and work with authorization policies, a user with role administration permissions must use the tivcmd addtorole command to assign you to a role that has permissions to perform operations on roles. The first authorization policy administrator is specified when the Tivoli Authorization Policy Server is installed. That user is assigned to the predefined RoleAdministrator role and has permission to use all of the tivcmd commands. That user can assign other users permission to create and work with authorization policies by adding the users or their user group to the RoleAdminstrator role or to a custom role with similar permissions.
For examples of using the tivcmd commands to create roles, grant permissions to roles, and assign users to roles, see “Managing roles and permissions” in the ITM Command Reference.