To restrict access to generic accounts, we have a simple definition in RBAC user_attr to make a s/w owner into a role and force users to "su" if they need to be that user.
e.g.
wlsadm::::type=role;profiles=All
joe::::type=normal;roles=wlsadm;profiles=All
charlie::::type=normal;roles=wlsam;profiles=All
This works fine for normal login activity. However, the users need to ftp files to the server as user wlsadm but the RBAC refuses the connection.
Is there a way to configure RBAC to restrict the wlsadm direct user login but allow ftp access ?
e.g.
wlsadm::::type=role;profiles=All
joe::::type=normal;roles=wlsadm;profiles=All
charlie::::type=normal;roles=wlsam;profiles=All
This works fine for normal login activity. However, the users need to ftp files to the server as user wlsadm but the RBAC refuses the connection.
Is there a way to configure RBAC to restrict the wlsadm direct user login but allow ftp access ?