User access control
Control Center provides a browser interface and a command-line interface.
To gain access to the Control Center browser interface, users must have login accounts on the Control Center master host. In addition, users must be members of the Control Center browser interface access group, which by default is the system group, wheel. To enhance security, you may change the browser interface access group from wheel to any other group.
To use the Control Center command-line interface (CLI) on a Control Center host, a user must have login account on the host, and the account must be a member of the serviced group. The serviced group is created when the Control Center RPM package is installed.
Pluggable Authentication Modules (PAM) has been tested and is recommended for enabling access to both the browser interface and the command-line interface. However, the PAM configuration must include the sudo service. Control Center relies on the host's sudo configuration, and if no configuration is present, PAM defaults to the configuration for other, which is typically too restrictive for Control Center users. For more information about configuring PAM, refer to your operating system documentation.