I want to restrict the actions that certain users (not all !) can perform in the SMA tool. Example: they should be able to trace agents and do enquiries, but not to empty the cache. The SMA Reference Guide points out you can deny access to one or more MBeans, MBean operations, of MBean attributes through use of a Java Properties file: prmbeans.properties.
However, changes in prmbeans.properties would apply to ALL users that have access to the SMA tool. Is there a way to restrict access to a group of SMA-users, preferably a specific LDAP-group?
For me, This looks a bit over engineering. May be that's the reason Pega doesn't have this feature. If it's useful, Pega would have already developed this feature. Requests like this are rare. Not sure what's your intention in doing this. Just inform your developers not to clear cache. This is my personal opinion.
Try Raising an enhancement request with Pega via Support Portal.