Question4Replies122Views DebrajB9 Member since 2017 7 posts ING Bank Posted: July 26, 2017Last activity: August 16, 2017 Closed Solved Read only WAS Login credential for SMAIf a WAS Admin user has read only access, and that user is mapped to PegaDiagnosticUser role, will SMA work for that user? System Administration ×Close popoverFacebookTwitterLinkedinEmail Copy Link Copied! Moderation Team has archived post This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question. Posted: 3 years agoSwarnenduM Infosys replied to DebrajB9For standalone SMA credential is not needed if you are not imposing additional security. However if you are using Admin user and password then you have to was user having access to was admin portal. Posted: 3 years agoDebrajB9 ING Bank replied to SwarnenduMWe are using Remote Connection and Administrative (JMX/SOAP) Credentials when adding nodes in SMA. Will SMA work if this Administrative user in WAS has read only access? I found the WAS Admin user can be configured as read only like below: - Log in to web console as primary admin user - In Users and Groups > Manage users ensure that accounts for your additional users are present (via search) or create new users - Go to Users and Groups > Administrative user roles - Click Add , select given role (Monitor for read only use, Administrator for full access), search for required users, select them and click Arrow button - Click OK, and Save Posted: 3 years agoDiptiman_GCS PEGA replied to DebrajB9Yes, you should be able to use SMA with an user having Monitor role. Please refer the PDN article for more information https://pdn.pega.com/support-articles/error-500-exception-occured-trying-invoke-sma Accepted Solution Posted: 3 years agoDebrajB9 ING Bank replied to DebrajB9Below is the answer from Pega: It is possible to successfully access SMA using an operator with Admin user who only has the Monitor role. Further investigation has led to this security policy: \APP-INF\lib\prresources\prenginesecurity.policy The relevant permission is granted at line 46 (or so): permission com.ibm.websphere.security.WebSphereRuntimePermission "AdminPermission"; As long as the operator has AdminPermission, that operator will be able to access the JMX mbeans and will be able to get into SMA.