What level of users can monitor and administer the EMS servers?
Article ID: KB0088415
Updated On:
| Products | Versions |
|---|---|
| TIBCO Enterprise Message Service | - |
| Not Applicable | - |
Description
Resolution:
There is a special, predefined user named admin that can perform any administrative action. You cannot grant or revoke any
permissions to admin. You must assign a password for admin immediately after installation. For more information about changing
the admin password, see When You First Start tibemsadmin. There is also a special group named $admin for system administrator
users. When a user becomes a member of this group, that user receives the same permissions as the admin user. You cannot
grant or revoke administrator permissions from any user that is a member of the $admin group. You should only assign the overall system
The admin user and members of the $admin group have permission to perform any server action, including subscribing to monitor
topics. All other users must be explicitly granted permission to view monitor topics before the user can successfully create subscribers
for monitor topics. For example, if user BOB is not a member of the $admin group, and you wish to allow user BOB to monitor all
connections and administer EMS server, you can grant BOB the required permission with the following command using the administration tool:
“grant topic $sys.monitor.connection.* BOB subscribe”. Bob’s application can then create a topic subscriber for $sys.monitor.connect.* and
view any connect or disconnect events. Similarly, we need to define what BOB can perform. If BOB is a member of $admin
group, he can monitor all the topics and manage the server.
There is a special, predefined user named admin that can perform any administrative action. You cannot grant or revoke any
permissions to admin. You must assign a password for admin immediately after installation. For more information about changing
the admin password, see When You First Start tibemsadmin. There is also a special group named $admin for system administrator
users. When a user becomes a member of this group, that user receives the same permissions as the admin user. You cannot
grant or revoke administrator permissions from any user that is a member of the $admin group. You should only assign the overall system
The admin user and members of the $admin group have permission to perform any server action, including subscribing to monitor
topics. All other users must be explicitly granted permission to view monitor topics before the user can successfully create subscribers
for monitor topics. For example, if user BOB is not a member of the $admin group, and you wish to allow user BOB to monitor all
connections and administer EMS server, you can grant BOB the required permission with the following command using the administration tool:
“grant topic $sys.monitor.connection.* BOB subscribe”. Bob’s application can then create a topic subscriber for $sys.monitor.connect.* and
view any connect or disconnect events. Similarly, we need to define what BOB can perform. If BOB is a member of $admin
group, he can monitor all the topics and manage the server.
Issue/Introduction
What level of users can monitor and administer the EMS servers?
Feedback
Yes
No
Powered by
