TSPM Delegated Administration Users

I found that the delegated administration steps can be a little complicated to do the first time, so I’m making a note of it here for future reference, and to hopefully help others:

Configuring the Administrative Roles for the Tivoli Security Policy Manager Console.

  1. Create a User.
  2. Add the user to the tspm_user group in LDAP.
  3. Add the user to the TIP Administrative Role “TSPMUserRole”
  4. (On the TSPM ISC – not TIP) Open the TSPM Application, and select “Security role to user/group mapping” and add the new user to the SecurityAdministrator Role.

Simplification Step:

  1. Create a Group for every Role.
  2. Map the new group to the SecurityAdministrator Role.
  3. Make the new group a member of the tspm_users group.
  4. Map the Roles to the appropriate groups. Once mapped, add the TSPMUserRole administrative Role to the group. (Should already exist).

Then all you need to do is add the person to the specific roles group.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


Up ↑

%d bloggers like this: