Actions on security objects
The following tables show the actions that users or groups can perform on the different object types, for each IBM Workload Scheduler task. See in parenthesis the corresponding actions and objects values that you must use when defining role-based security with composer command line interface.
Design and Monitor Workload | |
---|---|
Actions that users or groups can perform | Security object types |
List (list) Display (display) Create (add) Delete (delete) Modify (modify) Use (use) Unlock (unlock) Actions on remote workstations while modeling jobs (cpu-run) Note: See in parenthesis the corresponding actions and objects values that you must
use when defining role-based security with the composer command-line interface.
|
Jobs (job) Job Streams (schedule) User Objects (userobj) Prompts (prompt) Resources (resource) Calendars (calendar) Run Cycle Groups (runcygrp) Variable Tables (vartable) Workload Application (wkldappl) Workflow Folders (folder) Parameters (parameter) |
Modify current plan |
---|
Actions that users or groups can perform on the current plan |
Add job stream dependency (schedule - adddep) Add job dependency (job - adddep) Remove job dependency (job - deldep) Remove job stream dependency (schedule - deldep) Change job priority (job - altpri) Change job stream priority (schedule - altpri) Cancel job (job - cancel) Cancel job stream (schedule - cancel) Rerun job (job - rerun) Confirm job (job - confirm) Release job (job - release) Release job stream (schedule - release) Kill jobs (job - kill) Reply to prompts (prompt - reply) Reply to job prompts (job - reply) Reply to job stream prompts (schedule - reply) Alter user password (userobj - altpass) Change jobs limit (schedule - limit) Actions on job remote system (job - run) Change resource quantity (resource - resource) Note: See in parenthesis the corresponding actions and objects values that you must
use when defining role-based security with the composer command line interface. |
Submit Workload |
---|
Workload definitions that can be added to the current plan |
Only existing job definitions (job - submitdb) Existing jobs definitions and ad hoc jobs (job - submit) Existing job stream definitions (schedule - submit) Note: See in parenthesis the corresponding actions and objects values that you must
use when defining role-based security with the composer command line interface. |
Manage Workload Environment |
---|
Actions that users or groups can perform on workstations, domains, and workstation classes |
List workstations (cpu - list) Display workstation details (cpu - display) Create workstations (cpu - add) Delete workstations (cpu - delete) Modify workstations (cpu - modify) Use workstations (cpu - use) Unlock workstations (cpu - unlock) Start a workstation (cpu - start) Stop a workstation (cpu - stop) Change limit (cpu - limit) Change fence (cpu - fence) Shutdown (cpu - shutdown) Reset FTA (cpu - resetfta) Link (cpu - link) Unlink (cpu - unlink) Use 'console' command from conman (cpu - console) Upgrade workstation (cpu - manage) Note: See in parenthesis the corresponding actions and objects values that you must
use when defining role-based security with the composer command line interface.
|
Manage Event Rules |
---|
Actions that users or groups can perform on event rules |
List event rules (eventrule - list) Display event rules details (eventrule - display) Create event rules (eventrule - add) Delete event rules (eventrule - delete) Modify event rules (eventrule - modify) Use event rules (eventrule - use) Unlock event rules (eventrule - unlock) Display actions in the event rules (action - display) Monitor triggered actions (action - list) Use action types in the event rules (action - use) Submit action (action - submit) Use events in the event rules (event - use) Use a File Monitor event on the workstation where the file resides. (event - display) Note: See in parenthesis the corresponding actions and objects values that you must
use when defining role-based security with the composer command line interface. |
Administrative Tasks |
---|
Administrative tasks that users or groups can perform |
View configuration ( dump security and global options) (file - display) Change configuration (makesec, optman add) (file - modify) Delete objects definitions (file - delete) Unlock objects definitions (file - unlock) Allow planman deploy, prodsked and stageman (file - build) Delegate security on folders (folder - acl) Note: See in parenthesis the corresponding action and object values that you must use
when defining role-based security with the composer command-line interface. |
Workload Reports | |
---|---|
Actions that users or groups can perform on workload reports | |
Generate workload reports (display report) |
Reports in Dynamic Workload Console
|
Note: See in parenthesis the corresponding actions and objects values that you must
use when defining role-based security with the composer command line interface. |
Folders |
---|
Actions that users or groups can perform on folders |
Access folders |
chfolder (display) listfolder (list or list and display) mkfolder (modify) rmfolder (delete) renamefolder (add) Note: See in parenthesis the corresponding actions and objects values that you must
use when defining role-based security with the composer command line interface.
|