HP Systems Insight Manager 5.3 with Update 1 Installation and Configuration Guide for HP-UXHP Part Number: 418810-005 Published: April 2009 Edition: 5.3.1
a specific system or system group, they should not be authorized for the All Tools toolbox on that system
or system group.
CAUTION: Users assigned to the All Tools toolbox on the
Central Management Server
can execute
commands as any user. Therefore, these users could grant the administrative rights user privilege to themselves.
The Monitor Tools
toolbox
contains tools that display the state of managed systems but not tools that
change the state of managed systems.
HP SIM can have up to 32 defined toolboxes, including the default toolboxes. All toolboxes other than All
Tools, Monitor Tools, Full rights, and Limited rights can be enabled, disabled, or deleted. You cannot
edit All Tools. You can edit Monitor tools.
Toolboxes
The Toolboxes section enables you to configure groups of
tools
. The following toolboxes are created during
the installation process:
• The All Tools toolbox contains all tools in the
Central Management Server
(CMS).
• The Monitor Tools toolbox contains tools that display the state of the
managed systems
but not tools
that change the state of the managed systems. For example, the Monitor Tools toolbox permits viewing
installed software but does not permit installing software.
• The Full Rights toolbox contains all tools in the
Central Management Server
(CMS).
• The Limited Rights toolbox contains only the create and edit both reports and tools.
• When HP Storage Essentials is installed, a Toolbox for Storage Essentials tools is added to this page.
See your HP Storage Essentials documentation for more information.
Tools
Tools are applications, commands, or scripts that are launched from within HP SIM. You can add custom
tools into HP SIM and execute them across multiple systems simultaneously. Three types of tools are supported
in the HP SIM environment: web tools, X Window tools, and command line tools.
Web tools must reside on a web server. The web server can be
running on the CMS or a managed system. HP SIM launches the
web tools
URL from a CLI or GUI. When a web tool is launched from the
command line, HP SIM opens a browser to display the tool. When
a web tool is launched from the HP SIM GUI, it opens in the
workspace or in a separate browser window.
X Window tools require that an X server is running. These tools
can reside on the CMS or on a managed system. When accessing
X Window tools
HP SIM from a network client, you must have X server software
running on the network client to execute an X Window tool. From
the CLI or GUI, HP SIM invokes the X Window application using
the command line and passes the location of the X server by
requesting the device for display from the user.
Command line tools include applications, commands, and scripts.
They can reside on the CMS or another managed system. They
can be launched directly from the CLI or GUI.
Command line tools
User security
A user's capability is controlled by two things, authorizations and CMS configuration rights.
Authorizations control what tools a user can run on the managed node.
Authorizations = user + toolbox + system.
Authorizations
After a
user
is added to HP SIM, he or she can be
authorized
to use a
toolbox
on one or more systems in
the
management domain
.
Each toolbox is associated with a set of tools that a user might need for a particular
task
, such as database
administration or software management. Authorizing a user for a toolbox on a
system
or
system group
User security 9