User and group administration

Access to VOBs and views is controlled by means of users and groups. When a DevOps Code ClearCase® application attempts an operation in a VOB or view, its credentials, which include the name and primary group of the user who started the application, are evaluated to determine whether the operation is permitted.

The identity with which a user logs on to the operating system of a DevOps Code ClearCase host establishes the user’s DevOps Code ClearCase credentials. User names, group names, and each user’s group memberships must be consistent across all DevOps Code ClearCase hosts in a community. This consistency is usually achieved by means of a user and group account database such as a Windows® domain or the Network Information System (NIS) supported on Linux or the UNIX system. In environments where users access a common set of VOBs and views from hosts running different supported operating systems, this consistency must extend to all platform types (user and group names used by DevOps Code ClearCase users, as well as each user’s primary group assignment, must be the same on all platforms).

DevOps Code ClearCase does not support user names that contain embedded space characters. This restriction includes user log-on names and also user names that are associated with artifacts imported from other configuration management systems.

For more information about user and group names in mixed environments, see Common user and group names. For details about how user credentials control access to VOBs and views, see VOB and view access control.

Note: In addition to the privileges typically granted to superusers such as root on Linux or the UNIX system or to a member of the administrators group on Windows, certain users and groups have a privileged status that grants them unrestricted access to VOB data and other protected objects. For more information, see Privileged users and groups.