×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Unsupported content

 

This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments.
BMC Client Management 12.6 ... Administering Managing global settings Managing system variables

Managing security settings

From the Security tab of the Global Settings > System Variables page, you can define the following default security settings of your system:

Parameter

Description

Create Default System Administrator

The value in this field defines if system authentication is used for logon. If the value set is Yes , your general system login can be used. This means that all attempted logins which are authenticated by the system cause a matching login to be created in the database. For security reasons, however, no capabilities will be assigned to these logins. All of these automatically created administrator logins have their System Password Check box in the Properties window checked. If the value is set to No , a specific user login must be created for each administrator to log on to the BMC CM console. The default value for this attribute is No . For more information about how to create administrator logins, refer to the What you have to know about Administrators topic.

Display Hidden Devices in the Topology Graph

This parameter defines, if users without read access rights to the master or relays can view their devices in the topology graph. By default this option is set to No , they cannot. If the option is activated, the administrator can see the part of the topology including the devices on which he has access rights but all devices on which he does not have at least read access, that is, master and relays will appear dimmed and are not accessible. All other devices on which he has no access rights will not appear in the view.

Maintain Administrators at Directory Server Synchronization

This parameter defines if administrators are also removed from synchronized groups during resynchronization. Normally, if an administrator is removed from his AD group it will also be removed from his CM group during the next synchronization. However, if the capabilities or access rights of this administrator are transferred via the administrator group, this might cause a number of problems, if the administrator in question is assigned as a populator for groups for example, causing the groups to "depopulate" and if operational rules are assigned to this group, they will be unassigned from the devices of the group.

Disable all administrators that are not a member of any group at a directory server synchronization

As administrators might have functionalities that are to be transferred to other administrators when they are deleted, such as being a populator, it is not possible to automatically delete administrators if they no longer belong to any group. This option allows however, to disable the administrators that are not a member of any administrator group to distinguish them. By default this option is deactivated.

Allow Object Assignments to Unknown Device

If this option is activated devices unknown to the CM database can be assigned to the available objects, that is, operational rules, transfer windows, and so on. In this case the unknown device displays the Assigned Objects node in addition to the Inventory and Events nodes. After the device becomes known to the database it will synchronize all assigned objects and thus be operational automatically. By default this option is not activated.

Block Access to MyApps

Block Access to MyApps This option deactivates the access to the application kiosk MyApps of the browser agent interface. If it is activated neither user nor administrator can access this page.

Authorize Deprecation of Relays

Check this box to allow the deprecation of relays even though it still is the parent to other devices. In this case the relay will be moved to Lost and Found from where it can be deleted and its former children will be removed from the Topology view but they can still be displayed via their device groups.

Request System Credentials for Windows Remote Access

Check this box to force the use of credentials when directly accessing Windows devices. In this case you is required to enter your credentials when accessing the target device via the Direct Access or Remote Control functionality.

Request System Credentials for Linux Remote Access

Check this box to force the use of credentials when directly accessing Linux devices. In this case you is required to enter your credentials when accessing the target device via the Direct Access or Remote Control functionality.

Request System Credentials for Mac OS Remote Access

Check this box to force the use of credentials when directly accessing MAC OS devices. In this case you is required to enter your credentials when accessing the target device via the Direct Access or Remote Control functionality.

Remote Access Acknowledgement Timeout (sec)

This parameter defines the timeout in seconds after within which the remote user can allow remote access request to an administrator. If the timeout is reached the administrator is informed that the remote user did not respond within the time allowed for the direct access or remote control request.

If the value is set to zero, the timeout functionality is disabled.

Lock the new installed agent servicesCheck this box to lock the newly installed agent services.
Service Unlock PasswordEnter the service unlock password.

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Last modified by Darshana Bhangare on Jul 31, 2019

Comments

Log in or register to comment.

Managing system variables
Event and logging settings
© Copyright 2013 - 2021 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.