Automic Workload Automation

I just started reviewing the work needed to take our environment from version 8 to version 11.

One of the notable difference in the lack of applications in v11. We currently use applications to separate out business units jobs and processes in v8. A user from that business unit can login and see only applications with their jobs and processes.

I would like to do something similar in v11; a member of business unit logs and only see folders with objects. Is there a way to handle not only restrict access but visible of objects?

Justin,

Are you talking about ECC and the differences between the UC4 WebGUI and the Enterprise Control Center (ECC) which replaced it on Version 9.00A and more recent?

I am referring to the flat clients.

Version 8 doesn't have a webGUI and version 11 ECC doesn't have a way to review output. Making unusable for our users.

Visibility of objects might not be a problem if we gave every user team its own client in v11 but that would be a nightmare for our developer and administrator.

If anyone has suggestions on how to handle multiple user teams on a single, I would be grateful to hear them.

Hi Justin,

I don't recall an "applications" permission filter within Operation Manager version 8, but I know there was such an option within the Applications Manager version 8.  Is this an upgrading from Applications Manager v8 to Automation Engine v11?

The permission is slightly different then how it was for Applications Manager and won't be one to one transfer between the two.  But if you want to have it so that different department use all the same client then you will need to setup multiple user-group with different permission set.  It will depend on how you have the folder structure and naming convention of the jobs/jobp .

But you could limit so that certain usergroup "can see/not see" only X folder (where those jobs/object are located at)/particular job name, object type.

"But you could limit so that certain usergroup "can see/not see" only X folder (where those jobs/object are located at)/particular job name, object type."

If you know how to set that up I'd appreciate you directing me to a solution.

We are currently converting objects from v8 to v11. I'd taken a swing at different permission setups but nothing changes visibility of top level folders or object if they have read (R) access to the containing folder structure. If I restrict access to a containing folder; the folder is still visible. If a user clicks the restricted folder, an access denied error message pops. Although in the grand scheme of things this isn't a huge problem but, for support purpose, it would reduce calls and tickets if object were just hidden.

Hi Justin,

I am sorry for not being precise in my last post; when I am referring to can see/not see, I am referring to giving user permission to go into it to view & run job from it.

Currently, with the automation engine (in the Java client); there is no way to "hide" the top level folder object that you do not have permission to.  If the user who don't have permission to it, they won't be able to drill down deep to view what object is within those specified folder and so they will just see the top level folder object (even if they don't have access to it).

Its is not as glamorous and clean as you have wanted but currently it is the only way within the Java client, for having multiple department/business unit as such within the same client (beside having each department/group in their own client). 

We recently have a few other which have asked for this feature to "hide" top level folder object they don't have access to.  It is currently being assess by our Product Management but I would recommend also submitting an enhancement request with them so they are aware of the volume of this feature request.

>@</p>Justin Rudler" 
Using different Clients in AE v11 for each of the Business Units would the equivalent to Applications in AM v8. 

If the users will mostly be using the ECC to execute and review executions of jobs/workflows, you can use User Groups to limit which jobs/workflows the users have access too.

They can view the reports/output from the jobs in the ECC if the info is stored in the database. If it's external output that is registered with the job, then unfortunately the Java Client is required to view those reports. I'm thinking it's the Banner output files the users view?

For Example:
https://us.v-cdn.net/5019921/uploads/editor/9f/6okwzxdai6kh.png" width="1350">

That is correct. Mostly our users review Banner output. We abandoned using ECC since Banner reports were not available.

Thank you, Jennifer. You've answered my question. A client per business unit isn't feasible for our limited support staff.

That does give us something to think about for future implementations.

Justin.
I worked for AppWorx starting in 2000, thru the acquisition by UC4 till 2011.

IMO, Automic Clients are NOT equivalent to the application attribute in Applications Manager.   In AM, a single logical environment can contain multiple Applications.  The Client is really a separate logical environment (yes the Client 0 is shared).   The closest to Application behavior would be a combination of the folder location and some type of name based security filters and I am not sure exactly how that would work.     

I am currently working on implementing naming standard and security access by 'group' in AE v10.  Different 'grades' of users will have different authority in each environment (Dev-Test-Prod).   In Dev, a general development user can view all of the 'general' objects, execute some of them, but only edit objects in either their 'personal folder' or the project\folder for their team.  Some type of objects the general development user will only be able to use, not create even in their own folders