How to set security rights for the Deployment menu item options in the SMP7 Console.

Article:HOWTO21498  |  Created: 2010-01-07  |  Updated: 2010-01-07  |  Article URL http://www.symantec.com/docs/HOWTO21498
Article Type
How To



Question
Customer is trying to create a Security Role that should have access to the Actions>Deployment options in the SMP7 Console. He wants to grant or remove access to see them and use those option. How it can be done?

The default menu items displayed by the Deployment menu are:
a) Capture Image
b) Deploy Image
c) Capture Personality
d) Distribute Personality
e) Apply System Configuration

Answer
The following steps are provided as example for allowing or removing rights to the Deployment menu items. Not all the steps for setting up a Security Role with every single permission will be provided. 

1. Create/clone the Security Role that you will be using for this. 
   a) In the SMP7 Console, go to Settings>Security>Roles.
   b) If you are creating a new Security Role, select in the left-tree view 'Security Role>right-click>New>Security Role'.
   c) If you have already a Security Role that has some of the permissions and privileges that you need, just select the desired Security Role in the left-tree view and right-click>Clone.
2. Assign rights to the Menu "Actions>Deployment"
   a) Open the Security Role Manager (under Settings>Security>Permissions)
   b) Under 'Role:', select the desired Security Role
   c) Under 'View:', select 'Console Menu'
   d) Click the 'Edit' button (the little pencil icon) and Select the Menus that you will like to allow to see. In this example we want to give rights to 'Actions>Deployment' Console Menu and the tasks below it.
     NOTE:: Be sure that every item you want the user to see has an individual Check-box next to it - the fact that it is greyed out does not mean it will be visible.



3. Assign rights to the tasks for the "Actions>Deployment" menu item.
   a) Under 'View' in the Security Role Manager, select 'Settings'
   b) Click the 'Edit' button and browse to 'Notification Server>Task Settings>Task Types>Deployment and Migration' and select the whole directory or just the desired tasks.
        NOTE:: Be sure that every item you want the user to see has an individual Check-box next to it - the fact that it is greyed out does not mean it will be visible.

     

   c) Once the tasks have been checked, be sure to assign the correct permissions to the "Deployment and Migration" folder (Including "read"):


4. Assign the Task Rights for the "Actions>Deployment" menu items.
   a) Under 'View' in the Security Role Manager, select 'Settings'
   b) Click the 'Edit' button and browse to 'Notification Server' and ensure that "Task Settings" is checked


   d) Ensure that the "Task Settings" folder has these permissions assigned (in addition to "read"):


5. Assign OS Licensing for the "Actions>Deployment" menu items.
   a) Under 'View' in the Security Role Manager, select 'Settings'
   b) Click the 'Edit' button and browse to 'Deployment and Migration' and ensure that "OS Licenses" is checked.

Once the above steps have been implemented, users in the security role will be able to access the Actions -> Deployment Menu items.

Legacy ID



50917


Article URL http://www.symantec.com/docs/HOWTO21498


Terms of use for this information are found in Legal Notices