In CA ASM 10.1 how can login access be given to the master account ("Admin access")

Document ID : KB000120648
Last Modified Date : 13/11/2018
Show Technical Document Details
Since the CA ASM update to 10.1, after login as master account or with Admin Access the new Share Access Users page no longer has "Grant login access" or "Remove login access" options so it is not possible to grant/revoke Admin Access for a user. Due to that it is also not possible to easily see which users currently have Admin access.
CA ASM 10.1+
1. To grant/revoke a user Admin access edit the user and enable the "Grant parent impersonation" or "Revoke parent impersonation" option as required. NOTE: To edit a user click on the Name hyperlink or use the pen icon on the right hand side of each user line.

2. ASM Engineering are planning an enhancement to the Share Access Users page to indicate "Admin access" sometime in the future (no firm date as yet).
This will likely be a flag similar to the current "unconfirmed" or "blocked" flags that are used but they will also look at feasibility of adding an extra column to reflect the "Admin" status.
In the meantime the suggested workaround is to use the Roles column which is already visible on the Share Access Users page as follows:
  • Create a dummy role and under "Role details" use a suitable name like "Administrators". Under "Members" add all members to that role who already have admin access i.e. those who have "Grant parent impersonation" set. Do not set anything else under "Monitor folders", "Maintenance windows" or "Contacts"
  • When adding a new user who needs admin access set the "Grant parent impersonation" option and add that user as a Member of "Administrators" role. 
  • Similarly if need to remove admin access for a user set the "Revoke parent impersonation" option and remove the user from the "Administrators" role.
Additional Information:
The ASM docops "Manage Users in ASM" page will be updated to include the "Grant parent impersonation" and "Revoke parent impersonation" options.