Where to set DFM.Core.AccessCheck?

belgianbiscuit · ‎2011-08-22

In the Snapdrive admin guide it says that "The user you specify from SnapDrive is configured with

DFM.Core.AccessCheck capability in the global scope in DataFabric Manager server"

Is this capability included in the GlobalFullControl role?
If not how do I add it?
I select my user (or group) and click edit. I go to roles and click "Add Capabilities".
On the Capabilities Window I see resources with a lot of subgroups.
For example under Groups\Global I would be able to select DFM.Core.AccessCheck
but I could do the same under datasets or storage systems for example.

Where is the correct place to enable it for the "Global Scope"?

agireesh · ‎2011-08-22

Hi belgianbiscuit ,

If you create a role with Dfm.Core.AccessCheck capability on Global group and then add that role to any user then that user has capability to dfm core access check on all objects under the Global group (all groups, storage system and datasets etc).

But if you create a role Dfm.Core.AccessCheck capability on particular dataset or storage system then add the created role to user then that user has capability to dfm core access check, only on dataset or storage system and objects under the dataset or storage system.

In other word you can say:

If you create a role with “xyz” capability on “ABC” resource and then add that role to some particular user “user1” that mean “user1” can do “xyz” action on “ABC” resource or child member under the “ABC” resource.

<DFM.Core.AccessCheck capability in the global scope in DataFabric Manager server">

Above sentence mean you need to select “Global” as resource while creating role.

Regards,

Gireesh

belgianbiscuit · ‎2011-08-23

Thanks Gireesh,

I managed to do that now but have to sort out a whole lot of other issues in regards to DFM integration before I can test