Managing security domains

About this task

A security domain represents the set of objects that users or groups can manage. For example, you can define a domain that contains all objects named with a prefix 'AA'. If you want to specify different security attributes for some or all of your users, you can create additional security domains based on specific matching criteria.

You can filter objects by specifying one or more attributes for each security object type. You can include or exclude each attribute from the selection. For example, you can restrict access to a set of objects having the same name or being defined on the same workstation, or both.

For the attributes that you can specify for each security object type, see Attributes for object types.

For the values that you can specify for each object attribute, see Specifying object attribute values.

You can create new security domains or manage existing security domains.

Create new security domain

About this task

To create a new security domain from the Dynamic Workload Console, complete the following procedure:

Procedure

  1. From the navigation toolbar, click Administration.
  2. In the Security, select Manage Workload Security .
    The Manage Workload Security panel opens.
  3. From the drop-down list, select the HCL Workload Automation engine on which you want to manage security settings.
  4. In the Security Domains section, click Create new Security Domain.
    The security domain creation panel opens.
  5. Enter the name of the security domain that you are creating and, optionally, the domain description.
  6. Select the type of security domain that you want to define:
    Simple
    To define a filtering rule that applies to all object types. Events and actions are excluded from this filtering rule.
    Complex
    To define different filtering rules for different object types.
  7. Use object filtering to select the set of security objects that users or groups can manage in the security domains that you are defining. You can use the wildcard character (*) when defining object attributes.
  8. Click View to see the mapping between the set of security objects that you are assigning to the domain and the corresponding set of security objects in the classic security model.
  9. Click Save to save the security domain definition in the database.
  10. Click Save and Exit to save the security domain definition in the database and then exit.

Results

The security domain has now been added to the database. If the optmanenRoleBasedSecurityFileCreation global option is set to yes, the security domain is activated in your security file.

Manage security domain

About this task

From Manage Workload Security, you can also remove, edit, and duplicate existing security domains.

Procedure

  1. In the Security Domains section of the Manage Workload Security panel, click Manage Security Domain.
    The list of the available security domains is displayed.
  2. Select the security domains that you want to manage.
  3. Select the action that you want to run on the selected security domains.