How to find out the CA EEM user group who has the Administrator privileges to login to the CA iDash AdminTool, while using the SSO security and CA EEM Authorization?

Document ID : KB000015060
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

 

The administrator has enabled SSO and EEM security for Authorization, however, no longer remembers which EEM user group was used for Authorization and therefore unable to determine the user who can login to the Admin tool after the changes were made.

Question:

 

How to find out the CA EEM user group who has the Administrator privileges to login to the CA iDash AdminTool, while using the SSO security and CA EEM Authorization?

Environment:
All product supported environments.
Answer:

 

Connect to the CA iDash database as the database schema owner.

Execute the following query. It provides the details on the EEM Authorization settings.

select type, tag, value
from idash_config
where tag in ('idash.eem.primary.server','idash.eem.is.authorized','idash.eem.group.name', 'idash.eem.group.is.global')
and deleted=0;

typetagvalue
eem.authidash.eem.is.authorizedtrue
eem.server idash.eem.primary.servereemserver
eem.authidash.eem.group.is.globalfalse
eem.authidash.eem.group.nameWorkloadAutomationAEAdmin

 

From the above result, the members of CA EEM group "WorkloadAutomationAEAdmin" in the CA EEM hostname "eemserver" are authorized to access the CA iDash AdminTool.

Changes to the EEM Group members can be made through CA EEM GUI. Please refer to the EEM documentation on how to.

Additional Information: