Cisco Cisco Workload Automation 6.3 User Guide
82
Users
Security Policies
Each security policy has its own name, description, and set of CWA functions that it comprises it. Functions are chosen
from a list of available functions and listed in the
from a list of available functions and listed in the
Security Policy Definition
dialog. Once defined, security policies can
be assigned to users from the
User Definition
dialog.
You can override security policy restrictions for a user by selecting the
Super User
option in the
User Definition
dialog.
Users with Super User authority have access to all CWA functions.
Note: If you are the only defined CWA user, you will not be allowed to remove the Super User option from your profile
until you have defined at least one other CWA user with Super User capability. This is a safety feature to prevent
inadvertent exclusion from CWA, which would require you to reinstall the product.
until you have defined at least one other CWA user with Super User capability. This is a safety feature to prevent
inadvertent exclusion from CWA, which would require you to reinstall the product.
Security Policy Templates
CWA includes a set of default security policy templates. Inherent in these templates is the default network scheduling
model where each user has a defined set of scheduling tasks. When all the security policies are assigned to users, the
result is a complete enterprise network scheduling solution. Each user makes their contribution to the entire scheduling
process. Each user can be insulated from tasks that are not relevant to their scheduling role.
model where each user has a defined set of scheduling tasks. When all the security policies are assigned to users, the
result is a complete enterprise network scheduling solution. Each user makes their contribution to the entire scheduling
process. Each user can be insulated from tasks that are not relevant to their scheduling role.
You can modify these templates to create your own scheduling model based on the needs of your organization. Use
caution so that vital functions are not inadvertently left out of a particular profile.
caution so that vital functions are not inadvertently left out of a particular profile.
Note: Selecting the Super User option in a User Definition supersedes any security policy previously assigned. The
Superuser option provides full and unrestricted access to all CWA functions. Some functions, such as calendars
supersede even SuperUser privileges and are controlled by the function’s owner and available only to members of a
workgroup. A SuperUser may access a function but can not modify the function if not a member of the workgroup.
Superuser option provides full and unrestricted access to all CWA functions. Some functions, such as calendars
supersede even SuperUser privileges and are controlled by the function’s owner and available only to members of a
workgroup. A SuperUser may access a function but can not modify the function if not a member of the workgroup.
Default Security Policies
The following table summarizes the functions that are available for each user account using the security policies provided
with CWA. If the function has been included in the security policy assigned to your user account then you have the
capability described in that function.
with CWA. If the function has been included in the security policy assigned to your user account then you have the
capability described in that function.
CWA Functions
About CWA Functions
Each security policy includes the CWA functions that a user with that policy can perform. You can create new security
policies from the
policies from the
Security Policy Definition
dialog, or add and remove CWA functions to an existing security policy.
When you finish defining a security policy, you assign it to a user through the
User Definition
dialog.
Note: To use a job as a job dependency, you must have the ability (security policy permission) to View the job. However,
View permission alone does not enable you to perform job control functions on the job.
View permission alone does not enable you to perform job control functions on the job.
Default Security Policy
Available Functions
CWA Admin
All CWA functions are available.
Administrator
Functions for configuring CWA including configuring users, security, queues, agent lists,
connections, and licenses.
connections, and licenses.
Scheduler
All functions except adding users.
Operator
Functions for end-user support such as schedule control and queue and agent list
configuration. Ability to edit job information as necessary.
configuration. Ability to edit job information as necessary.
User
Functions for end-user activity excluding configuration and schedule control, but including
the tools necessary for creating, editing and submitting jobs.
the tools necessary for creating, editing and submitting jobs.
Inquiry
Functions for viewing jobs and other items, but not for creating, editing, or deleting.