Configuring Sybase Control Center Security

Once John logs shuts down Sybase Control Center, he must modify the configuration file for Sybase Control Center, so that it can also authenticate against the same LDAP directory as Unwired Server.

This task effects changes against two files:
  1. Use a text editor to open <UnwiredPlatform_InstallDir>\SCC-XX\conf\csi.properties.
  2. Add lines that define the 'subtree' level as the authentication and authorization scope for the Unwired Platform LDAP login module:
    CSI.loginModule.XX.options.RoleScope=subtree
CSI.loginModule.XX.options.AuthenticationScope=subtree
  3. Save the changes and close the file.
  4. Use a text editor to open <UnwiredPlatform_InstallDir>\SCC-XX\conf\roles-map.xml.
  5. Add these lines for the same Unwired Platform LDAP login module:
    <role-mapping modRole="Acme SUP Administrator" uafRole="uaAnonymous,uaAgentAdmin,uaPluginAdmin,sccAdminRole,sccUserRole" />
<role-mapping modRole="Acme SUP Domain Administrator" uafRole="uaAnonymous,uaAgentAdmin,uaPluginAdmin,sccUserRole" />
<role-mapping modRole="ABC Domain Administrator" uafRole="uaAnonymous,uaAgentAdmin,uaPluginAdmin,sccUserRole" />
    These lines map logical Sybase Control Center roles to the LDAP directory physical roles. Specifically, the first line mapping for sccAdminRole gives 'Acme SUP Administrator' access to Sybase Control Center as administrator.
    Note: The Sybase Control Center infrastructure can be separately secured and managed by an administrator who may be a different from the administrator for Unwired Platform. In this scenario, John is administrator of both Sybase Control Center and Unwired Platform infrastructures.
    As a Sybase Control Center administrator, the users granted this role can perform administration and configuration tasks from the Unwired Platform management console after a successful login.
    The last 2 entries give ‘Acme Domain Administrator’ and ‘ABC Domain Administrator’ access as a SCC User (which is mapped sccUserRole).
  6. Save the changes and close the file.
  7. Restart the Sybase Unified Agent service.