Holidays (HOLIDAY) Properties

Use the Holidays (HOLIDAY class) properties windows for creating, modifying, or viewing a record of this class. Each holiday record defines one or more periods when users need extra permission to log in. Each user has the same access for all the time periods in a record. If you include more than one holiday period in a holiday record:
cminder12901
Use the Holidays (HOLIDAY class) properties windows for creating, modifying, or viewing a record of this class. Each holiday record defines one or more periods when users need extra permission to log in. Each user has the same access for all the time periods in a record. If you include more than one holiday period in a holiday record:
  • You cannot allow a user to log in during some of those periods and
  • Prevent that user from logging in when others log in.
For example, to allow a specific user to log in during New Year Day but not during Christmas, then you defined holidays in different records.
This window contains the following fields in the General tab:
  • Name
    Defines the name of the resource.
  • Comment
    Defines extra information that you want to include in the record. CA Privileged Identity Manager does not use this information for authorization.
    Limit:
     255 alphanumeric characters
  • Owner
    Defines the owner of a record.
This window contains the following fields in the Holiday tab:
  • Holiday List Section
    Defines the specific periods that are associated with a resource. The specific periods are the once when users need extra permission to log in.
    Each period in the holiday list contains the following information:
    • Start Date
      Defines the date and time the holiday period starts at.
    • End Date
      Defines the date and time the holiday period ends at.
    • All Day
      Specifies whether the holiday period lasts for a whole day.
    • Every Year
      Specifies whether the holiday period is annual.
This window contains the following fields in the Default Access tab:
  • Permissions
    Defines the default access authority for the resource. The default access is granted to accessors who match either of the following criteria:
    • Are not defined to CA Privileged Identity Manager
    • Do not appear in the ACL of the resource.
This window contains the following fields in the Authorize tab:
  • Accessors
    Defines the access control list (ACL) for the resource. This list specifies accessors (users and groups) with a specified access authority, and the conditions for that access.
    Each element in the access control list contains the following information:
    • Accessor
      Defines an accessor.
    • Calendar
      Defines a calendar in Unicenter TNG that governs the access authority of the accessor.
    • Program
      Defines a record in the PROGRAM class, either specifically or by wildcard pattern matching. The program definition limits the access authority of the accessor to the resource to when the specified program makes the access request.
    • ACL
      Defines the access authority that the accessor has to the resource.
This window contains the following fields in the Audit tab:
  • Audit Modes
    Defines the types of access events that CA Privileged Identity Manager records in the audit log. You can select any combination of the following activities:
    • Audit Success
      Granted access requests.
    • Audit Failure
      Denied access requests (default).
    • Warning Mode
      Specifies whether Warning mode is enabled. When Warning mode is enabled on a resource, all resource access requests are granted. If an access request violates an access rule, a record is written to the audit log.
This window contains the following fields in the B1 Features tab:
  • Select B1 Features
    Specifies the available security categories and the ones that are selected for the resource.
  • B1 Labels
    Specifies the security label that is applied to the resource.
  • Security Level
    Specifies the security level that is applied to the resource.
    Limit:
     An integer from 1 through 255
This window contains the following fields in the Information tab:
  • Update Time
    Displays the date and time when the record was last modified.
  • Updated By
    Displays the administrator who performed the update.
  • Create Time
    Indicate the date and time when a record gets created.