Video Screencast Help

Inventory for decentralized staff

Created: 05 Feb 2013 | 2 comments
msgood's picture

I support a campus that has both centralized and decentralized staff.  Our heirarchy of groups is based on location.  Location is determined by IP address.

Is it possible to create a security group and give them only the ability to assign owners to a system in their group?

Comments 2 CommentsJump to latest comment

fabio.sanches's picture

Hi msgood,

You will find some best practices to do this security configuration on this tech:

The section Solution contain the general steps.More information about configuring security for the Symantec Management Platform can be found in its user guide starting on in Chapter 4: Configuring security, page 69:

Symantec Management Platform 7.1 SP2 User Guide
mclemson's picture

If Locations were created based on IP address, then you already have an Organizational View (Assets by Location) that you can use.

  1. Create a role that performs the actions you want it to perform (and can't perform others)
  2. Assign the role to a test user
  3. Test the role
  4. Edit the role through Security Role Manager; select Resources, then edit.
  5. In the Assets by Location view, uncheck any locations you do not want that role to have access to
  6. In the Default Organizational View, uncheck Computers at All Resources > Assets > Network Resources > Computers
  7. Uncheck any view other than the Assets by Location view and Default view, so that only the Assets by Location and Default views are providing resource access for this role
  8. Test the role
  9. Pilot the role with one or more users for this location/region
  10. Tweak as needed
  11. Clone role, remove users, add test user, and tweak the selections in Assets by Location to do this for the following regions

Does this help?

Mike Clemson, Senior Systems Engineer, ASC
Intuitive Technology Group -- Symantec Platinum Partner