Product Knowledge Base

Space shortcuts

Page tree

Versions Compared

Old Version 6

changes.mady.by.user Alan Amos

Saved on

compared with

New Version 7

changes.mady.by.user Alan Amos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: 'Accounts' & 'Masters' rewritten

...

In the default configuration delivered with the JOC Cockpit installer this permission are allocated to the administrator and root roles. After Installation of the JOC cockpit the root role is active with password root. See the JOC Cockpit - Installation article for more information.

Getting Started

After installing the JOC Cockpit log in with the default root:root user name and password.

The Manage Accounts section of the JOC Cockpit is then accessed via the Profile Menu as shown in the screenshot below.

Image RemovedImage Added

The Account Manager has three main Views:

...

The Accounts View

The Accounts View view is the view that is opened first when a User selects the Manage Accounts view.

Image RemovedImage Added

The above screenshot shows the default root account which is active after installation of the JOC Cockpit and a number of custom Accounts, each configured with a single Role..

The Masters View

The main purpose of the Masters view is to allow Master JobSchedulers Roles to be configured. 

When the view is first opened after installation of the JOC Cockpit it will appear The Account Edit function allows the account name to be modified and Roles to be added as shown in the next screenshot.:

Image Removed

The Masters View

The Masters allows Roles to be configured and, if required, made specific to one or more particular JobScheduler Masters. 

Image Added

The above screen shows seven default roles that are delivered with the JOC Cockpit. These Roles are intended to help system administrators get a realistic authorization configuration working as quickly as possible and can be modified as required. These roles are valid for all JobScheduler Master Ids in the environment.

Positioning the mouse over a role name activates two links as shown in the screenshot above:

  • the pencil allows the role to be edited and
  • the X allows the role to be deleted.

A set of Permissions is configured for each Role in line with ITIL definitions. These Permissions Sets can be inspected by clicking on any of the Role names in the Masters view list. An example Permissions Set is described in the next section.

 

Show If
groupsos-members
Image Removed

The above screen shows

the

seven default roles that are delivered with the JOC Cockpit are applicable for all JobScheduler Masters as they are delivered in the JOC Cockpit installation archive. In addition, the following configurations have been added:

  • A role jocc_test had been added with potential access to all JobScheduler Masters.
    • Note that if no permissions are specified for this relationship then this configuration will be removed when the current user leaves the Managing Accounts view.
  • Two JobSchedulers Masters have been specified and roles specific to these JobSchedulers configured:
    • An api_test Role has been created whose permissions are restricted to the JobScheduler Master with ID jobscheduler_1.11.

      • This configuration writes the following to the shiro.ini file:

        Code Block
        languagetext
        [roles]
...
api_test = jobscheduler_1.11:sos:products:commands:jobscheduler_master
...
    • The default application_manager Role has been configured prior to being given or losing permissions specifically for the jobscheduler_1.11_cluster.

      • This configuration writes the following to the shiro.ini file:

        Code Block
        languagetext
        [roles]
...
application_manager = ... , \
..................... jobscheduler_1.11_cluster:sos:products:joc_cockpit:jobscheduler_master:view, \
..................... ...

The Permissions View

The Permissions view is accessed by clicking on a Role in the Master view as indicated in the screenshot above.

The Permissions view allows Permissions and Folders to be specified for individual Roles:

  • either restricting the Role to accessing specific Folders within the live folder of the JobScheduler Master.
    • Note that the default setting is that a Role is allowed access to all Folders - however, after a first folder is specified, the Role will only be able to access that one Folder.
  • granting or removing Permissions for the Role.
    • Note that the default Permissions are none and that permissions can be granted and removed.

Image Modified

In the screenshot above the application_manager Role:

  • is only allowed to access the test Folder and all its child folders on the jobscheduler_1.11_cluster.
  • has been given the sos:products:joc_cockpit:jobscheduler_master:view permission for the jobscheduler_1.11_cluster - this is a higher permission than the default sos:products:joc_cockpit:jobscheduler_master:view permission and allows not just the default status but also parameters and the main log for this JobScheduler Master to be viewed.

The above Permissions add the following code to the shiro.ini file:

Code Block
languagetext
[folders]
jobscheduler_1.11_cluster|application_manager = /test/*
jobscheduler_1.11|api_test = /test/*