Skip Navigation Links | |
Exit Print View | |
Oracle Solaris WBEM Developer's Guide Oracle Solaris 11 Express 11/10 |
1. Overview of Solaris Web-Based Enterprise Management
2. Using the CIM Object Manager
7. Creating JavaBeans Components Using the MOF Compiler
How to Start Sun WBEM User Manager
How to Grant Default Access Rights to a User
How to Change Access Rights for a User
How to Remove Access Rights for a User
How to Set Access Rights for a Namespace
How to Remove Access Rights for a Namespace
Using the Solaris WBEM SDK APIs to Set Access Control
How to Set Access Control for a User
How to Set Access Control for a Namespace
Troubleshooting Problems With WBEM Security
If a Client (User) Cannot Be Authenticated by the CIMOM on the WBEM Server
If Other CIM Security Exception Errors Appear
Sun WBEM User Manager (wbemadmin) enables you and other privileged users to perform the following tasks:
Add and delete authorized users
Set access privileges for authorized users
Manage user authentication and user access to CIM objects on a WBEM-enabled system
Note - The user for whom you specify access control must have a Solaris user account.
You can set access privileges for individual namespaces or for a combination of a user and a namespace. When you add a user and select a namespace, the user is granted read access to CIM objects in the selected namespace by default.
Note - An effective way to combine user and namespace access rights is to start by restricting access to a namespace. Then grant individual users read, read and write, or write access to that namespace.
You cannot set access rights on individual managed objects. However, you can set access rights for all managed objects in a namespace as well as on a per-user basis.
If you log in as root, you can set the following types of access to CIM objects:
Read Only – Allows read-only access to CIM Schema objects. Users with this privilege can retrieve instances and classes, but cannot create, delete, or modify CIM objects.
Read/Write – Allows full read, write, and delete access to all CIM classes, instances, and invoked methods.
Write – Allows write and delete access, but not read access, to all CIM classes and instances.
None – Allows no access to CIM classes and instances.