Security
considerations for tools
If a tool invokes an
VMware Smart Assurance
utility, such
as dmctl, or otherwise initiates a connection to the Global Manager
, you
must configure security to enable that connection. An essential piece
of information is knowing the username under which the tool is invoked,
for example: - Client tools are invoked under the username of the operator who started the Global Console.
- Server tools are invoked under the username that theGlobal Manageris running under. Remember, server tools are invoked on the same host as theGlobal Manager.
- Automated tools are invoked under the username that started thesm_adaptercommand or by the name of theGlobal Manager.If a client tool needs to connect to theGlobal Managerand perform an action that requires administrative privileges, you have two choices:
- Provide the operator with administrative privileges.
- Create a server tool that performs the action.As the server tools run under the username that invoked theGlobal Managerprocess, this user must have an authentication record in the clientConnect.conf and serverConnect.conf files on the host where the tool is to be executed. You must configure the authentication records for this account so that prompting is not required. Prompting should not be used for automated tools.