Monday, June 23, 2008

Using a Low Privileged User to Monitor WebLogic from EM Grid Control

Most customers use the default weblogic user to manage WebLogic Server. However WebLogic Server provides role-based access control. You may be in a highly secured environment and you want to monitor your WebLogic Server domain with a low privileged user. EM Grid Control allows you to monitor WebLogic Servers with Monitors privilege.

You have to create a new user (Security realms -> myrealm->Users and Groups) using WebLogic Server Console and put the user in Monitors Group as shown below:

While discovering your WebLogic Server Domain, you can specify the low privileged username (dpanda in my case). Note that users in the Monitors Group do not have privileges to start/stop WebLogic Server instances and hence you will not be able to recycle managed servers from Grid Control.

You can verify the credentials used for your server by navigating to Monitoring Configuration for a managed WebLogic server as in the following figure. I used dpanda to discover my WLS domain

Hope this helps!

No comments: