Types of non-root or non-administrator users
Non-root or non-administrator users can run only certain commands based on the roles and permissions assigned. Non-root or Non-Administrator users are of two types:
- Users with administrative privileges
- Users without administrative privileges
Users with administrative privileges
A user has administrative privileges if the user is an authenticated Infrastructure Management user associated with at least one user group that has at least one role with the permission "Access to Administration Console" enabled for that role.
The following code shows the commands that users with administrative privileges can run.
pw event ...[list, edit and delete shall only run by root users]
pw admin
pw baseline ...
pw cmdb
pw cmdfile ...
pw dataview ...gendoc
pw debug ...
pw default ...
pw device ...[list can only run by root users]
pw displaygroup
pw displayservice
pw group ...
pw help
pw license ...[list can only run by root users]
pw log ...[period <rate|stats|baseline> <time> can only run by root users]
[period list can only run by root users]
pw monitor ...
[monitor version can only run by root users]
pw motypes ...
pw remote ...[list can only run by root users]
pw servicetypes ...
pw schedule ...
pw slo...
pw template ...
pw user ...[reset_passwd can only be run by root users]
pw version
pw viewhistory
A non-root or non-administrator user with administrative privileges can also run the following commands if the user is associated with at least one user group that has at least one role with the permission "Perform operations on an event Ack, Assign, Close, Open, Set Priority" enabled.
pw event close
A non-root or non-administrator user with administrative privileges can also run the pw baseline command if the user is associated with at least one user group that has at least one role with the permission "Allow baseline management" enabled.
Some of these commands might be further restricted based on the permissions available to the user.
Users without administrative privileges
A user has no administrative privileges if that user is not associated with any user groups that have at least one role with the permission "Access to Administration Console" enabled.
The following code shows the commands that users without administrative privileges can run.
pw debug list
pw help
pw itxmlgenerator
pw log list
pw monitor list
pw ovxmlgenerator
pw system status
pw user change_passwd
pw version
pw viewhistory
A non-root or non-administrator user with User privileges can also run the following commands if the user is associated with at least one user group that has at least one role with the permission "Event close or Event acknowledgment" enabled.
pw event close
A non-root or non-administrator user without administrative privileges can also run the pw baseline command if the user is associated with at least one user group that has at least one role with the permission "Allow baseline management" enabled.