Enable Read-Only Access to MCS Profiles

UIM now allows users to have read-only access to the MCS profiles. This ensures that only relevant users are allowed to perform the required operations on the profiles. To enable this functionality, a new permission (MCS Read-Only Access) is now available. Users with this permission can only view the profile; they cannot edit, create, or delete it. You must add the permission to the ACL list.
Follow these steps:
  1. Add the permission (MCS Read-Only Access) to the ACL list.
    1. Access the primary hub and open the
      ..\Nimsoft\probes\service\distsrv\base_acls.cfg
      file in a text editor.
    2. Add the permission section to the file.
      The following snippet shows that the
      <MCS Read-Only Access>
      section is added to the file:
      <MCS Read-Only Access> name = MCS Read-Only Access desc = Read-only view access for any MCS profiles type = UMP access = read </MCS Read-Only Access>
    3. In Infrastructure Manager, navigate to the distsrv probe on the primary hub.
    4. With the distsrv probe selected, press Ctrl-P to open the probe Utility (pu).
    5. In the probe commandset, select the
      set_acl_init
      callback with the parameter value as
      base_acls.cfg
      . The callback updates the
      security.cfg
      with the ACLs; it does not delete or change any ACLs.
      The following screenshot shows the required information:
    6. In infrastructure manager, open
      Security, Manage Access Control List
      .
    7. Verify that the ACL list has the required permission added to it.
  2. Ensure that the write permission (OC Monitoring Configuration Service) is cleared and the read-only permission (MCS Read-Only Access) is selected for the user.
  3. Log in to the OC UI using the required user credentials.
  4. Access the MCS profile.
  5. Verify that the user can only view the profile information and configuration settings. Review the following points in the UI:
    1. User cannot add a new profile.
    2. User cannot edit the existing profile configuration settings.
    3. User cannot delete the existing profile.
    The following example screenshot shows that the add option is disabled for this user:
    The following example screenshot shows that the delete option and configuration settings are disabled:
    The same behavior is also applicable for the sub-profiles.
You have successfully provided the read-only access to users for viewing the MCS profiles.