TWS_users and root users logged in on any domain manager (other than the master)

user testerlondon cpu=$manager + logon=TWS_user,root

###########################################################
#     Sample Security File
###########################################################
# APPLIES TO TWS_users AND ROOT USERS LOGGED IN ON ANY
# DOMAIN MANAGER.
user testerlondon  cpu=$manager + logon=TWS_user,root
begin
#  OBJECT     ATTRIBUTES      ACCESS CAPABILITIES
# ----------  ------------    ----------------------
job           cpu=@  + folder = /  + cpufolder = / access=add,delete,display
schedule      cpu=@  + folder = /  + cpufolder = / access=add,delete,display
resource      + folder = / + cpufolder = /         access=@
prompt        + folder = /                access=@
file          name=prodsked   access=build, display
file          name=trialsked  access=build, display
calendar      + folder = /                access=@
cpu           cpu=@   + folder = /     access=@
parameter  name=@ ~ name=v@  + folder = / + cpufolder = / access=@
userobj    cpu=@ + logon=@  + cpufolder = /  access=@
eventrule       name=@   + folder = /     access=add,delete,display,modify,list,unlock
action     provider=@         access=display,submit,use,list
event      provider=@         access=use
report     name=@             access=display  
runcygrp      name=@   + folder = /       access=add,delete,display,modify,use,list,unlock
vartable   name=a@,$default + folder = /  access=add,delete,display,modify,use,list,unlock
wkldappl      name=@     + folder = /     access=add,delete,display,modify,list,unlock
lob           name=@          access=use
folder        name=/          access=@
end

This user definition applies to GUI and CLI access for TWS_users and root users logged into any domain manager other than the master. They are given unrestricted access to all objects, except parameters that have names beginning with v, and jobs and jobs streams to which they have limited access. They can access all workstations defined in the root folder (/). They can generate all types of plans and can create, update, and delete event rule definitions defined in the root folder.

All users have access to all variable tables beginning with "a" and to the default table, irrespective of the default variable table name.