Security maintenance utility (Batch mode)

Certain ctmsec Security Maintenance utility functions can be activated in batch mode. These functions include listing, updating, and deleting entries in the Control‑M Security database. These functions are described in Security maintenance utility (Interactive mode) .

User authorization

The user authorization options of the ctmsec command are used to list, update, delete, and copy users in the Control‑M Security database.

Use the following command to list user authorizations:
ctmsec -USER_LIST <user>
Use the following command to update user authorizations:
ctmsec -USER_UPDATE <user> <description> <group>
Use the following command to delete user authorizations:
ctmsec -USER_DELETE <user>
Use the following command to copy user authorizations from one user to another:
ctmsec -USER_COPY <from_user> <to_user>
NOTE: If the user in the commands listed above is a Control-M/Agent user, then the <user> format is <username@host_id>.

Group authorization

Group authorization options of the ctmsec command are used to list, modify, and delete groups in the Control‑M Security database.

Use the following command to list group authorizations:
ctmsec -GROUP_LIST <group>
Use the following command to update group authorizations:
ctmsec -GROUP_UPDATE <group> <description>
Use the following command to delete group authorizations:
ctmsec -GROUP_DELETE <group>

Folder authorization option

The Folder authorization options of the ctmsec command are used to assign authorizations to users and groups to perform actions on Folders.

Use the following command to list Folder authorizations:
ctmsec -SCHED_LIST {<user>|<group>}
Use the following command to update Folder authorizations:
ctmsec -SCHED_UPDATE {<user>|<group>} <folder> [-DELETE {Y|N|D}] [ -READ {Y|N|D}]
[ -ORDER {Y|N|D}] [ -UPDATE {Y|N|D}]
Use the following command to deleteFolder authorizations:
ctmsec -SCHED_DELETE {<user>|<group>} <folder>
NOTE: If the user in the commands listed above is a Control-M/Agent user, then the <user> format is <username@host_id>.

Active Jobs database authorization

The Active Jobs database authorization options of the ctmsec command are used to assign authorizations to users and groups to perform actions on jobs in the Active Jobs database.

Use the following command to list Active Jobs database authorizations:
ctmsec -ACT_LIST {<user>|<group>}
Use the following command to update Active Jobs database authorizations:
  ctmsec -ACT_UPDATE {<user>|<group>} <owner> <host>

[-HOLD          {Y|N|D}]

[-FORCE {Y|N|D}]

[-ORDER         {Y|N|D}]

[-CONFIRM {Y|N|D}]

[-DELETE {Y|N|D}]

[-WHY {Y|N|D}]

[-RERUN {Y|N|D}]

[-OUTPUT {Y|N|D}]

[-LOG {Y|N|D}]

[-STATISTICS {Y|N|D}]

[-ZOOM_AND_SAVE {Y|N|D}]

[-KILL_JOB {Y|N|D}]
Use the following command to delete Active Jobs database authorizations:
ctmsec -ACT_DELETE {<user>|<group>} <owner> <host>
NOTE: If the user in the commands listed above is a Control-M/Agent user, then the <user> format is <username@host_id>.

Entities authorization options

The entity authorization options of the ctmsec command are used to assign authorizations to users and groups to perform actions relating to Control‑M entities.

Use the following command to list entity authorizations:
ctmsec -ENTITY_LIST {<user>|<group>}
Use the following command to update entity authorizations:
ctmsec -ENTITY_UPDATE {<user>|<group>}
{LOG|QR|Control|CALENDAR|CONDITION}
[-ADD {Y|N|D}] [-DELETE {Y|N|D}] [-CHANGE {Y|N|D}]
Use the following command to delete entity authorizations:
ctmsec -ENTITY_DELETE {<user>|<group>}
{LOG|QR|Control|CALENDAR|CONDITION}
NOTE: If the user in the commands listed above is a Control-M/Agent user, then the <user> format is <username@host_id>.

Parent Topic

ctmsec