Skip to Content
Information
Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Role-based permissions for patch catalog

Review the following considerations for the role-based permissions for patch catalog:

  • To create or update a catalog, the patch administrator must be assigned a role that includes the necessary permissions.
  • To facilitate division of responsibilities, you can assign permissions to one role or split between several roles.
  • Define Role and access control list (ACL) policy definitions using role-based access control. For more details, see Managing-access.
  • To be able to view results of Patching Jobs created from a Patch catalog, you must have the DepotObject.Read permission enabled.

  • Ensure that the patch administrator has the following permissions:

    Defining permissions for

    Gives the user the ability to

    PatchCatalog.*

    Manage the patch catalog

    PatchSmartGroup.*

    Patch smart group management

    WindowsSoftware.*
    SolarisSoftware.*
    AIXPatchSoftware.*
    LinuxSoftware.*

    Create, read, modify and delete permissions for the software on the platforms that you are patching. Select only the platforms that are relevant for your environment.

    Server.*
     ServerGroup.Read

    Access to the server or server group on which the patch repository is located.

    DepotFolder.*
    DepotFile.*
    DepotGroup.*

    Select the metadata files during catalog creation, if you create a catalog in offline mode.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Server Automation 8.3