Sentinel: restricting permissions on ESEC_HOME folder

  • Document ID:3412704
  • Creation Date:02-Nov-2006
  • Modified Date:26-Apr-2012
    • Micro Focus Products:
      Sentinel

Environment

Sentinel ALL

Situation

How to restrict permissions on ESEC_HOME folder.

Resolution

There is not currently a comprehensive list of permissions needed to grant for users in order for the system to function appropriately.

However, here is a list of things currently known, this is not a comprehensive list and is only intended to be a starting point :

For Sentinel Server:

1. The Sentinel service log on account needs read/write access to %ESEC_HOME%\configuration.xml and %ESEC_HOME%\.uuid. It will also generate temporary .lck file at this folder.

2. The Sentinel service log on account needs read to %ESEC_HOME%\.keystore.

3. The Sentinel service log on account needs read access to all files in %ESEC_HOME%\lib folder.

4. The Sentinel service log on account needs read access to all files/folders under the %ESEC_HOME%\Sun-1.4.2 folder.

6. The Sentinel service log on account needs read access to the files %ESEC_HOME%\utilities\.primary_key and %ESEC_HOME%\utilities\.secondary_key (if exists) folder.

7. The Sentinel service log on account needs read access to all files/folders under the %ESEC_HOME%\sentinel\bin folder.

8. The Sentinel service log on account needs read/write access to %ESEC_HOME%\sentinel\bin\.cache folder.

9. The Sentinel service log on account needs read/write access to %ESEC_HOME%\sentinel\bin\map_data folder.

10. The Sentinel service log on account needs read access to all files in %ESEC_HOME%\sentinel\config folder.

11. The Sentinel service log on account needs read access to all files in %ESEC_HOME%\sentinel\lib folder.

12. The Sentinel service log on account needs read/write access to %ESEC_HOME%\sentinel\log folder.

13. The Sentinel service log on account needs read access to the file %ESEC_HOME%\sentinel\scripts\remove_sonic_lock.bat.

For Sentinel Control Center (SCC) client:

1. The windows account who launches SCC needs read/write access to %ESEC_HOME%\configuration.xml and %ESEC_HOME%\.uuid. It will also generate temporary .lck file at this folder.

2. The windows account launching SCC needs read to %ESEC_HOME%\.keystore.

3. The windows account launching SCC needs read access to all files in %ESEC_HOME%\lib folder.

4. The windows account launching SCC needs read access to all files/folders under the %ESEC_HOME%\Sun-1.4.2 folder.

5. The windows account launching SCC needs read access to all files in %ESEC_HOME%\sentinel\lib folder.

6. The windows account launching SCC needs read access to all files/folders under the %ESEC_HOME%\sentinel\console folder.

7. The windows account launching SCC needs read/write access to %ESEC_HOME%\sentinel\console\log folder.