Setting up system and command authorizations
In the RBAC Manager folder the Authorizations node lets you set up system and command authorizations.
A system authorization is a permission to perform a specific class of actions in BMC Server Automation. For example, the DepotGroup.Create authorization lets you create depot groups while the DepotGroup.* authorization lets you perform any type of action related to depot groups. For a full listing of all possible system authorizations, see System authorizations. In the RBAC Manager folder, the only action you can take to set up a system authorization is to specify how the authorization is used to generate an audit trail.
A command authorization is a permission to perform a specific Network Shell or nexec command. An nexec command is a command that is not native to Network Shell. Commands linked to nexec are described using the format
command such as
(nexec)arp. A standard BMC Server Automation installation includes default nexec commands. You can also add and delete custom nexec commands. A custom nexec command can consist of actions that can be executed using the Network Shell
nexec command, including scripts stored on remote servers.
Using the Authorization node, you can perform the following procedures: