3.4.4 Evaluating operations for access control by device

After you have determined the service template and the target devices (connection destinations) for services, evaluate basing access control on use of the management functions of the connection destinations. For details about the prerequisites for using the management functions of connection destinations, see A.2 Prerequisites for connection destinations .

To restrict access to connection destinations, you must specify the IP address (or host name) for each connection destination, and register the resource groups that can access each connection destination. Therefore, you must evaluate the following items in advance.

Table 3‒4: Settings in the connection destination definition
Classification	Item	Description
Connection destination information	Resource group of the services	Specify the name of a resource group to be associated with the connection destination. The services in the specified resource group can access only the specified connection destination. If `All Resources` is specified, the services in `All Resources` can access all connection destinations.
	Connection destination type	Select one of the following types: Host name IPv4 IPv6
	Connection destination	Specify a connection destination appropriate for the selected connection destination type. You can specify a single connection destination, a range of connection destinations, or all connection destinations.
Authentication information^#1	Protocol	Select one of the following authentication protocols according to the connection destination device: Windows device: `WMI` UNIX device: `SSH` (password authentication or public key authentication) Other devices that support `SSH` or Telnet: SSH or Telnet
	User ID^#2	Specify the user ID of a user who can remotely log in to the host at the connection destination.
	Password^#2	Specify the password for the user ID.
	Superuser password^#2	If you selected SSH or Telnet as the protocol, specify the superuser password for the host at the connection destination.

The authentication method depends on the definition of the plug-in. That is, authentication is performed based on the information specified in the plug-in property or based on the information in the connection destination definition. If authentication is performed based on the information specified in the plug-in property, authentication information in the connection destination definition is not used.

Whether you need to specify a user ID, a password, and a superuser password depends on the type and setting of the plug-in. For details, see List of definition parameters for connection destinations in the Job Management Partner 1/Automatic Operation Administration Guide.

Related topics

General command plug-in, File-forwarding plug-in, and Terminal connect plug-in in the manual Job Management Partner 1/Automatic Operation Service Template Reference

To Page Top