The following groups are created by default on the server host during the Sun Management Center server setup:
In addition, all the Sun Management Center users belong to a hypothetical group, called ANYGROUP.
The listed groups must be defined on the machine where the Sun Management Center server layer is running. These groups do not need to be defined on other machines. These groups are described in greater detail in the sections that follow.
The listed groups are defined in the /etc/group file.
Sun Management Center software users that belong to the group esops are usually operator users. These operators run, monitor, and to some extent, configure parameters on the managed systems. esops can perform operations, including some operations that are allowed for general users:
Disable or enable modules
Set alarm limits
Set rule parameters
Run alarm actions
Run ad hoc commands
Set the refresh interval
Acknowledge, delete, or fix events
Enable or disable history logging
Set logging history parameters
Software users that belong to the group esadm can perform administrator operations. Administrator operations are a superset of the operations that can be performed by operator users as described in Sun Management Center Operators or esops. In addition to all the operations that operator users (esops) can perform, these administrator users (esadm) can perform the following operations:
Load or unload modules
Set ACL users and groups
View administrative domains, hosts, or modules
The users that belong to the group esdomadm can perform the following domain administrator operations:
Create administrative domains
Create groups within administrative domains
Add objects to groups or administrative domains
View administrative domains, hosts, or modules
Other than the privileges listed above, a user that belongs to esdomadm is just a general user, unless configured otherwise.