To install a snapshot on a process server (a runtime server),
the person installing the snapshot must have the appropriate access
to the process application. You can set who can or cannot access a
process application. Access requirements vary depending on whether
the runtime server is in a non-production environment or in a production
environment or is an online or offline server.
Before you begin
You must log in to the Process Admin Console.
About this task
For authorization for accessing online process servers,
the following access to the process application is required for each
type of environment:
- Administrative access to install to process servers in production
environments
- Write access to install to any non-production process server
- Read access to install to process servers in development environments.
For more information on providing permissions to users and groups, see Managing access to process applications and toolkits.
Optionally, you can use
the processCenterInstall or offlineInstall group
settings for additional ways to restrict access. For more information,
see Security configuration properties.
Note: On
a process server, for new snapshots that are related to a process
application or toolkit with existing snapshots, there are additional
restrictions for offline installations. The user must be the one that
created the first snapshot for the process application or toolkit,
a member of the tw_admins group, or the configured BPMAuthor user
for the process server.
Procedure
To restrict installation access, perform the following
steps.
- Start the wsadmin scripting tool. To
start wsadmin using the Jython language, run the
following command from the bin directory of the
server profile:
wsadmin -conntype NONE -lang jython
- Extract the properties of the BPMProcessServer configuration
object.
wsadmin> groups = AdminConfig.list('BPMServerSecurityGroups')
wsadmin> print AdminConfig.show(groups)
Note: If processCenterInstall is
missing then no value is displayed.
- View the output and note the processCenterInstall value.
For example, [processCenterInstall Existing_group_name].
- Update the processCenterInstall value.
wsadmin> AdminConfig.modify(groups, [['processCenterInstall', 'New-Group-Name']])
Where,
the New_group_name variable represents the group
of users to whom you want to grant access. You can use an existing
group or create a new one. If you create a new group, ensure it also
exists on the Process Center.
- Verify your update.
wsadmin> print AdminConfig.show(groups)
- Save the changes and exit.
wsadmin> AdminConfig.save()
wsadmin> exit
- Restart the deployment manager.
- Restart the Process Server cluster
or server.