How to find out the CA EEM user group who has the Administrator privileges to login to the CA iDash AdminTool, while using the SSO security and CA EEM Authorization?

Document ID : KB000015060

Last Modified Date : 14/02/2018

Show Technical Document Details

Introduction:

The administrator has enabled SSO and EEM security for Authorization, however, no longer remembers which EEM user group was used for Authorization and therefore unable to determine the user who can login to the Admin tool after the changes were made.

Question:

How to find out the CA EEM user group who has the Administrator privileges to login to the CA iDash AdminTool, while using the SSO security and CA EEM Authorization?

Environment:

All product supported environments.

Answer:

Connect to the CA iDash database as the database schema owner.

Execute the following query. It provides the details on the EEM Authorization settings.

select type, tag, value
from idash_config
where tag in ('idash.eem.primary.server','idash.eem.is.authorized','idash.eem.group.name', 'idash.eem.group.is.global')
and deleted=0;

type	tag	value
eem.auth	idash.eem.is.authorized	true
eem.server	idash.eem.primary.server	eemserver
eem.auth	idash.eem.group.is.global	false
eem.auth	idash.eem.group.name	WorkloadAutomationAEAdmin

From the above result, the members of CA EEM group "WorkloadAutomationAEAdmin" in the CA EEM hostname "eemserver" are authorized to access the CA iDash AdminTool.

Changes to the EEM Group members can be made through CA EEM GUI. Please refer to the EEM documentation on how to.

Additional Information:

Product Documentation Links:

CA Workload Automation iDash - 12.0

CA Embedded Entitlements Manager - 12.51