User impersonation for process steps#
HCL™ Launch can use user impersonation when an agent must run a command for which it might not otherwise have permission, or when a specific user must be employed for a process.
On UNIX™ and Linux™ systems, the su and sudo commands are used to impersonate users; on Windows™ HCL Launch provides a utility program to handle impersonation. You implement impersonation when you configure a component's plug-in process step or resource.
When using impersonation, the user running the agent needs to have read, write, and execute access to the agent working directory.
The user starting the plugin as impersonating user needs to also have read, write, and execute access to the agent working directory.
- Impersonation on Linux and UNIX systems
The su command (as used by HCL Launch) enables a user to start a shell as another user (process steps can be considered individual shells).
- Impersonation on Windows systems
For agents that are running on Windows, HCL Launch provides a program that handles impersonation.
- Impersonation on z/OS systems
The su command is used to impersonate users on agent computers that are running IBM z/OS®.
Parent topic: Processes