Granting access privileges for LDAP or RACF users or groups

Edit online

You can assign user roles to a user or group, grant access privileges to individual sessions and tasks, and choose actions that operators are allowed to perform.

About this task

Perform the following steps to authorize an LDAP or RACF user or group:
Notes:
  • You can use an operating system repository, such as RACF, which is the example that is used in this task, for z/OS systems. LDAP can be used for both distributed systems and z/OS systems.
  • The immediate parent group must be added as a user to be able to log in with user names that belong to the group.

Procedure

  1. Log on to Copy Services Manager as a user with administrator privileges.
  2. In the menu bar, click Settings > Administration.
  3. On the Administration page, click Add Access above the Copy Services Manager (CSM) user names box. The Add Access wizard is displayed.
  4. To search on an existing LDAP or RACF (for example) user or group to grant access to, select Search for existing Users or Groups to add access., and type the name of the LDAP or RACF user or group.
    Tip: You can enter a partial name and use the * wildcard character to represent zero or more characters. For some registries, the search on user or group is case-sensitive.
  5. Click Next. The Select Users and Groups window is displayed.
  6. Choose one or more LDAP or RACF user or group names. After making your selection, click Next.
  7. A window will prompt you to select What level of access should the user have? Select the role to associate with the LDAP or RACF user or group.
    Notes:
    • If you selected more than one LDAP or RACF user or group, you must assign them all the same role. To assign different roles to different LDAP or RACF users or groups, you must select them individually.
    • If an LDAP or RACF user is assigned to one role as an individual and a different role as a member of a group, the user has access to the permissions of the role with greater access.
  8. If you selected the Operator role, choose whether you want the Operator to Manage all sessions or individually Select sessions to manage. After making your selection, click Next.
  9. A window will prompt you to select What actions should the operator be allowed to perform? You can choose between Default operator actions against managed sessions or Select which actions to allow against managed sessions. After making your selection, click Next.
  10. A window will display an Access Summary, including Access Level, Users and Groups, Sessions Managed, and Actions Allowed. Click Apply.
  11. On the Administration page, a bar will appear at the bottom of the Administration icon indicating that the LDAP or RACF user or group has been updated.