What Security Profile Permissions are required to only deploy and stage software packages?

Document ID : KB000024741
Last Modified Date : 08/02/2019
Show Technical Document Details
Introduction:

Introduction: 

What Security Profile Permissions are required to only deploy and stage software packages? We do not want the users to be able to do any other tasks in the DSM Explorer

Environment:  

All version of CA Client Automation

Instructions: 

In order to restrict a user/group to only deploy or stage packages set the security profile permissions as below:

- In the DSM Explorer, go to Security Menu -> Security Profiles

- Select the user/group for which permissions have to be set. (In this example, we are using 'Software Push')

Figure 1

- After selecting the group, click on 'Class Permissions'.

Figure 2

- In the Class permissions window, define the class permission for Object Class as below:

-software job container: cvrx 
-software job: cvrxwx 
-deployment job: cvrwxdpo (Can have cvrwx also) 
-software package: vrx 
-software group: vrx 
-software category: vrx 
-procedure group: vrx 
-procedure: vrx 
-computer: vrx 
-asset group: vrx 

The rest of the objects should be set to 'No Access'

 

NOTE: If you want the group to be able to deploy DSM Plug-ins too, then you would need to set the following in addition to the above list.

  • Control Panel Access - Manage (VRX)
     
  • Deployment Job - Manage (VRX)

    Figure 3
Instructions:
Here, there's a ref. doc. with the security profile permissions: 

https://comm.support.ca.com/kb/how-do-an-export-of-security-profiles-and-their-permissions/kb000010166 

How do an export of security profiles and their permissions ? 
Document ID : KB000010166