Updating Capture Engine ACL settings - LiveWire

LiveWire Virtual User Guide
ft:locale
en-US
Product name
LiveWire

The Access Control List (ACL) limits access to a Capture Engine by associating Users (defined in the operat- ing system) with classes of tasks on the Capture Engine, called Policies. These associations are set in the configuration of each Capture Engine.

The Capture Engine Manager also lets you add the same Domain username and Policy associations to the ACLs of multiple Capture Engines, all of which are operating under the same Domain control.

Note: To use the ACL with Omnipliance Linux, you must first add the user to the Linux OS and then add the same user to the first ACL policy, “System: Allow usage.” You can then limit that user’s permission by adding the user to any of the other ACL policies.
Important: The Capture Engine Manager must be able to log in to each target Capture Engine as a user with the correct permissions to update the ACL on that Capture Engine, as described above. For detailed login information, see Credentials dialog.
Note: To use the Capture Engine ACL Update Wizard, you must present the correct login credentials for each target machine. For a Capture Engine with Use access control enabled, any user associated with both the System: Allow usage and Configuration: Configure engine settings policies can configure the Capture Engine. Any user with Administrator privileges (local or Domain) on the target machine can configure the Capture Engine, regardless of any settings in its ACL.

To distribute an ACL update to one or more Capture Engines in a single domain:

  1. Click Update ACL in the toolbar. The Capture Engine ACL Update Wizard appears.

  2. Click Next. The Select engines view appears and lists the Capture Engines defined in the Workspace.

  3. Select the check box of the Capture Engines you are updating. You can right-click inside the view to expand all / collapse all lists, or check all / uncheck all Capture Engines.
    Note: You can click Credentials to enter the login credentials that can be used to connect to one or more Capture Engines when distributing software updates or new settings. See Credentials dialog.
  4. Click Next to open the Edit Access Control view. From this view, you can associate any User defined for the current Domain with any Policy defined for the selected Capture Engines.

  5. Select a Policy in the list and click Edit. The Add Users to ACL dialog appears.

    Browse Users

    • Domain (Capture Engine (Windows) only): Type the Domain for the Capture Engine. If the Capture Engine is not a member of any Domain, leave this field blank.
    • Refresh: Click to poll the Domain controller to retrieve the list of users.
      Note: Large Domains with hundreds of users may take several minutes to load.
    • Name/Description: Displays the name and description for each defined user. Both the name and the description are taken from the operating system security settings (local or Domain).
    • Add: Click to add the selected user to the Selected Users table.

    Add User (Capture Engine (Windows) only)

    • Domain: Type the Domain for the Capture Engine.
    • User: Type the name of the User you wish to add to the Selected Users table.
    • Add: Click to add the selected user to the Selected Users table.

    Selected Users

    • Name/Description: Displays the name and description of users allowed to perform the selected policy.
    • Delete: Click to remove the selected user from the Selected Users table.
    • Delete all: Click to remove all users from the Selected Users table.
    Tip: A Policy that has no users associated with it is effectively reserved for users with Administrator or root level privileges.
  6. Enter the name of the Domain and click Refresh. The dialog will poll the Domain controller to retrieve a list of users.
  7. Select a user you want to associate with the current Policy and click Add. The user will appear in the Selected Users table of the dialog. Repeat this step until you have added all the users you wish to associate with the current Policy.
  8. Click OK to close the dialog and return to the Edit Access Control view. The users from the Selected Users table appear in the Users column beside the appropriate Policy. You can choose to Merge users to the existing Access Control List, or Replace the existing Access Control List with a new list defined here.

  9. Continue in this manner until you have fully defined the ACL.
  10. Click Start to begin distributing the ACL to the listed Capture Engines. The Send update dialog appears and displays the task status.
    Tip: If at least one task fails, you can click Retry Failed Tasks to send the update again to the Capture Engines that did not complete the task successfully.

    Note: In order to be able to retrieve the list of Domain users, you must be logged on as a user with Administrator privileges (local or Domain). Additionally, you must have logged on to a computer under the Domain control of the target Domain during the current session of Windows. Your Domain login can have been as a Domain user of any kind, Administrator or otherwise.
  11. Click Finish to close the Capture Engine Update ACL Wizard.

Credentials dialog

The Credentials dialog lets you present a single set of credentials when you distribute software updates, set- ting updates, or ACL updates to Capture Engines.

To open the Credentials dialog:

  1. Click Credentials… in any of the following views:

  2. Select the Use following credentials check box to enable credentials.
  3. Complete credential information for Authentication, Domain, Username, and Password. See Connecting to a Capture Engine for details.
  4. Click OK to accept your changes.