Administration tasks

Though your enterprise is a distributed environment across many computers, Control-M provides you with a single point of control. The Control-M Configuration Manager lets you administer, manage, monitor, configure, and maintain all Control-M components, including Control-M/Servers, Control-M/Agents, remote hosts, and so on.

The main administrative tasks that administrators perform include:

• Ensure that Control-M components are up, active, and connected.
• Ensure that maintenance, job scheduling and data backup is performed. Daily tasks are generally performed as part of New Day processing. You perform other maintenance, for example, extending the database size, as needed.
• Perform upgrades. You must ensure a smooth upgrade to a new release, including migration of data.
• Define new Control-M/Servers, and their corresponding Control-M/Agents and remote hosts.
• Ensure security by setting and assigning user and group permissions.

  Control-M security is three-tiered. It is defined in the Control-M/EM, Control-M/Server and Control-M/Agent levels. Control-M/EM security and Control-M/Server security are centered around the user that is defined for each job. These security mechanisms authorize:

  • The operations (for example, Hold or Rerun) that each user is allowed to perform.
  • The entities (for example, jobs, resources, ViewPoints) that each user can view or modify Control-M/EM interacts directly with Control-M/Server security. For each user request that Control-M/EM receives, it seeks authorization from Control-M/Server. If the Control-M/Server security modules determine that the user is not authorized, the operation is rejected and the application issues an appropriate message.

    You define Control-M/EM security using the Control-M/EM Authorization window. Security can be defined at the user level and group level. Users can be associated with multiple groups. A Control-M/EM Audit facility records data about the occurrence of a wide variety of security-sensitive activities.

    Security for communications between Control-M/Server and Control-M/EM components can be enhanced by using SSL. At Control-M for z/OS sites, the Control-M security mechanism interacts with external security tools used at the site (such as RACF, ACF2/SAF, and TOP SECRET). Control-M/Agents, which actually process the jobs, utilize operating system security; it is centered around the owner that is defined for each job. When a Control-M/Agent receives a job execution request, it submits the job on behalf of the owner, but only if the owner is defined to the operating system security.