Solved: Restricting Operations user to Activity monitor

mahmedp · ‎02-04-2015

Good day every one,

I have a requirement to restrict operations staff to activity monitor, we have Master server (windows 2012 R2) and users will access from windows 2008 std x64 server. is there any way they see only Activity monitory and policies so that they can start stop job and monitor only. i want to hide all other options on java console or Admin console whatever possible.

Note:- Users are already restricted with NBAC on the server. but i could see users still can browse clients properties without access on java console,

Am not sure about auth.conf properties but it looks like this on master server c:\program files\veritas\java\auth.conf

domainname\username ADMIN=AM JBP=AM

By the way we have opscenter but am not happy with it. so using opscenter is not the solution to my problem. i feel tweaking auth.conf i can restrict them.

Nicolai · ‎02-05-2015

NBAC restrictions apply to the Java GUI as well.

What you can and can't is documented in the Netbackup security and encryption manual - page 210 "Authorization objects".

http://www.symantec.com/docs/DOC6486

The granularity of NBAC is somewhat coarse, for example you can allow access to polices, but not divide access to a subset of policies.

Best Regards

Nicolai

View solution in original post

Nicolai · ‎02-05-2015