Skip to Content

Access Rights and Capabilities

The security of the console is enforced through the administrators and administrator groups registered in the BCM database . Each administrator and administrator group has a CCL (Capability Control List) which dictates what it can do. The administrators and administrator groups nodes and their capability definitions specify the access to the console in general, that is, who can interrogate or manipulate the database and its contents. The access of administrators to objects is restricted by an ACL (Access Control List) that includes the following possibilities: READ/WRITE/ASSIGN. The Security Profile node or the Security tab define these access rights for specific objects. When you log on to the console for the first time and go to the Administrators node under the Global Settings node you can see two administrators already been created:

  • admin
     The admin user is equipped with all permissions and capabilities, that is, it has full access rights on all objects in the database. It cannot be deleted but its password can be modified, however, neither its capabilities nor its static and dynamic objects. It can also be regarded as the superadministrator.
  • system
     The system user is the login used by the master server itself for all database actions which it executes automatically, such as those of the data mover or autodiscovery module. None of its settings can be modified. The icon of this administrator is dimmed to indicate that the account is not activated.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Client Management 12.2