gomer02

Tech Tip - You are not allowed to administer this site from terminal

Discussion created by gomer02 Employee on Feb 2, 2016
Latest reply on Feb 1, 2019 by JulianRiano

Many times, users aren't able to 'host' or login to a certain TERMINAL record.  This can happen when a user needs access to a resource last minute that wasn't setup or thought about appropriately before implementing their environment.

 

[User1@CM_Testbox_01~]$ selang

CA ControlMinder selang v12.80.0.1432 - CA ControlMinder command line interpreter

Copyright (c) 2013 CA. All rights reserved.

AC>host CM_Testbox_02

ERROR: Initialization failed, EXITING!

(CM_Testbox_02)

ERROR: Login procedure failed

ERROR: You are not allowed to administer this site from terminal CM_Testbox_01.

 

This is because the user, User1, doesn't have the appropriate permissions to access the TERMINAL record on CM_Testbox_02.  Many individuals thought that we would need to create a record on machine we are trying to login from, in which case would be CM_Testbox_01. However, that is incorrect.  We need to create a TERMINAL resource on the remote host we are trying to connect to, then an authorization resource to allow the appropriate user(s) and/or group(s) to login.

 

So, we go to the endpoint we're having trouble connecting to, CM_Testbox_02.

[User1@CM_Testbox_02~]$ selang

CA ControlMinder selang v12.80.0.1432 - CA ControlMinder command line interpreter

Copyright (c) 2013 CA. All rights reserved.

AC> er TERMINAL CM_Testbox_01 defacc(r) owner(nobody)

AC> auth TERMINAL CM_Testbox_01 uid(User1) access(all)

Once we have successfully created these TERMINAL records, the resource is available immediately to the defined user(s) and/or group(s) previously specified.

Outcomes