Video Screencast Help

No Results for Audit Software Search Report with Non-Admins

Created: 26 Aug 2013 • Updated: 08 Nov 2013 | 3 comments
This issue has been solved. See solution.

I'm running SMP 7.1 SP2 MP1.1 where it was brought to my attention that the "Audit Software Search report" under Reports->Discovery and Inventory->Cross-platform->Software Applications->General Software returns no results for "non (SMP) admins".  This is for a role where I only gave read rights to the reports.  Any idea what I'm missing?

Operating Systems:

Comments 3 CommentsJump to latest comment

Clint's picture

I'm pretty sure this is a permissions issue.  When creating a security role, I was curious if everyone was cloning the Administrator role then removing permissions to fit your needs?  I was afraid to do this because I'd really hate to miss something and give my help desk staff more power than what they actually need.  A report viewing role is really what I'm looking to create although, again, I seem to be missing something since my Audit Software Search report doesn't bring up any results under the non-admin role I created from scratch.

Clint

Clint's picture

Due to a lack of response to my post, I opened up a case with Symantec Tech Support.  The support engineer tried different things but was unable to resolve my issue and even ended up (unknowingly) killing SMC access for all of my help desk staff in the process.  Got that resolved by myself although original problem still exists.

Anyway, what I want is to create a very restrictive (read-only) Symantec Role whose members can only generate reports and use PCAnywhere to remote into user desktops.  For the most part, the role I created from scratch gets this done although, again, the Audit Software Search report pulls up no info, and found that drilling down into the Installed Software report also returns nothing.

I seem to have the engineer stumped as he has yet to call me back after our last call the middle of last week.  He said he was going to do some testing in his lab where I suspect he's seeing the same thing.  Luckily this isn't a show stopper although not sure how to figure out what resource(s) the blank reports are trying to get to.

Clint

Clint's picture

The support engineer FINALLY called me back where his resolution was to clone the Symantec Administrator role (which I've seen suggested by numerous users in the forums) and then remove inheritance and most privileges.  Didn't really want to go this route because it opens up the right-click privileges (i.e. they're all grayed out so you can't disable them) but at least the problematic reports are now producing results for my new restricted role.  Win some, lose some.  wink

Clint

SOLUTION