Video Screencast Help
Search Video Help Close Back
to help

Privilege for Editing Policy Target

Created: 29 Jan 2013 | 2 comments
sirNARVY's picture
sirNARVY
0 0 Votes
Login to vote

I have built software deployment policies with targets based on Organizational Views. I am training my helpdesk staff on how to use this method to schedule software installs on computers. I'd like to train them on how to expedite installations this way, meaning that I'd like to eliminate the intrinsic delay between adding a computer to an Organizational View and having that change be recognized by the deployment policy. Currently my techs do not see my targets when they look at my policies. Instead they see "No items found" where I see my target name.

My techs currently have privileges equivalent to Symantec Level 2 Workers, while I am a Symantec Administrator. I assume that they cannot see this information because they don't have privileges to, but I'm not finding any settings under Manage Accounts that obviously pertain to this. Does anybody know what permissions an account needs to edit policy targets?

Thanks.

Discussion Filed Under:
, ,

Comments 2 CommentsJump to latest comment

mclemson's picture
mclemson Trusted Advisor Partner Accredited
Privilege for Editing Policy Target - Comment:30 Jan 2013 : Link

What version are you running?  You may need to edit the role in Security Role Manager and ensure that under Policy Permissions you have 'Apply to Resource Targets' checked.  Read/Write should be enabled by default for the Level 2 Worker Role.

If you add this permission to the policy/policies in question, are they able to modify the resource target?

Mike Clemson, Senior Systems Engineer, ASC
Intuitive Technology Group -- Symantec Platinum Partner
intuitivetech.com

0
Login to vote
sirNARVY's picture
sirNARVY
Privilege for Editing Policy Target - Comment:12 Feb 2013 : Link

Thanks for the input Mike. Since your reply we upgraded from 7.1 SP2 to 7.1 SP2 MP1.1, which is part of why it's taken me so long to respond.

I've reviewed Security Role Manager for one of the policies on which I've noticed this issue and I see that Level 2 Workers does indeed inherit 'Apply to Resource Targets', as well as Read and Write system permissions.

When my techs look at this policy they see the number of computers to which it's applied, and if they change the View droplist to Computers they can see all the targeted computers, but when looking at the Targets view they still get 'No items found', even after adding the above permissions explicitly to the policy.

Any other ideas?

Thanks much.

0
Login to vote