[Top] [All Lists]

Re: [nv-l] Netview Security

To: nv-l@lists.us.ibm.com
Subject: Re: [nv-l] Netview Security
From: James Shanks <jshanks@us.ibm.com>
Date: Wed, 1 Mar 2006 15:19:14 -0500
Delivery-date: Wed, 01 Mar 2006 20:19:39 +0000
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
In-reply-to: <1A5AB46AA116114FB0EF78BBE5AA14A10231818B@CP2K3TLCEMLV1.capitol.local>
Reply-to: nv-l@lists.us.ibm.com
Sender: owner-nv-l@lists.us.ibm.com

The only restrictions pertaining to a read-only map are related to what is
shown on that map.  You cannot add nor delete objects from it, nor change
their layout.  You can only see changes of that sort by doing a refresh,
though the status of existing objects will change.  So when you create a
new smartset, for example, with the smartset editor, the smartset exists,
but will not be shown in the smartsets section of the R-O map, because that
would amount to adding a new object.  You need a refresh to see new things,
as I said.

But the R-O map does not in itself what can be launched from the GUI or the
command line. Fro some things such as actually modifying trapd.conf using
xnmtrap, you need to be root, else you will not be able to save the file,
though you can look at it.   For other commands, you need to enable NetView
security  for them, which is covered in exhaustive detail in the NetView
Admin Guide.  This is based on creating a NetView login id and profile for
each user (though they can be shared) and then once security is enabled,
folks can only do the NetView commands allowed by their profile after they
login to NetView using the nvauth command.

As for the web client, I recommend every start by looking at the Web Client
User's Guide.
If you don't have the latest pubs, you can find them on-line here:


James Shanks
Level 3 Support  for Tivoli NetView for UNIX and Windows
Tivoli Software / IBM Software Group

             <Catalina.Martine                                          To 
             z@tlc.state.tx.us         <nv-l@lists.us.ibm.com>             
             >                                                          cc 
             Sent by:                                                      
             owner-nv-l@lists.                                     Subject 
             us.ibm.com                [nv-l] Netview Security             
             03/01/2006 12:31                                              
             Please respond to                                             


AIX 5.2 Netview 7.1.4 FP4

First of all thanks for your help on my previous post. I was able to
load the cisco symbols.

I have a couple of questions on security on Netview.

1) I Have a read-only map up and I am able to add/del smartsets, ruleset
editor, snmp configuration, seed file, and traps. Is this normal? How
can I limit access to these options (from a read-only map). I thought
read/write only had this type of access. I can not delete nodes on the
read/only map.

2) How can I turn on security on Netview. Can you point to the right
manual. Plus I also want to enable web console.


<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web