Using Sun WBEM User Manager to Set Access Control

Sun WBEM User Manager (wbemadmin) enables you and other privileged users to perform the following tasks:

Add and delete authorized users
Set access privileges for authorized users
Manage user authentication and user access to CIM objects on a WBEM-enabled system

Note - The user for whom you specify access control must have a Solaris user account.

What You Can and Cannot Do With Sun WBEM User Manager

You can set access privileges for individual namespaces or for a combination of a user and a namespace. When you add a user and select a namespace, the user is granted read access to CIM objects in the selected namespace by default.

Note - An effective way to combine user and namespace access rights is to start by restricting access to a namespace. Then grant individual users read, read and write, or write access to that namespace.

You cannot set access rights on individual managed objects. However, you can set access rights for all managed objects in a namespace as well as on a per-user basis.

If you log in as root, you can set the following types of access to CIM objects:

Read Only – Allows read-only access to CIM Schema objects. Users with this privilege can retrieve instances and classes, but cannot create, delete, or modify CIM objects.
Read/Write – Allows full read, write, and delete access to all CIM classes, instances, and invoked methods.
Write – Allows write and delete access, but not read access, to all CIM classes and instances.
None – Allows no access to CIM classes and instances.

Skip Navigation Links
Exit Print View
	Oracle Solaris WBEM Developer's Guide Oracle Solaris 11 Express 11/10