Restricting management rights to a subset of computers
I'm not sure if this is a question for this forum on the Notification Server forum but here goes...
I'd like to create user groups where each group has management rights to their subset of computers and doesn't even know that any other computers exist. I've tried going through the documentation and created a security role, assigned it management rights over a group of computers, and added users to the role. When I try to open the console using a userid from that role, I'm denied access to the console until I add that userid to the "Symantec Managers" group. Once I'm a member of the Symantec Managers group, it seems to ignore everything else I've set up, and I have full management rights to everything. Is what I'm trying to do even possible? Is there any documentation available that explains how to delegate security on a server that is shared by several departments? This seems to be a problem with both 7.0 and 7.1; some of the nomenclature has changed, but the results are just as strange.
Thanks in Advance,
Mike Ball - Central Michigan University
Comments 1 Comment • Jump to latest comment
OK...following the instructions in the latest version of the Symantec Management Platform User Guide, I have security working a little better; but I can't figure out how to give a department administrator the ability to create FSR media for their machines without giving them the ability to create FSR media for all machines. Is there a way to restrict FSR generation (among other things) to only the machines in a specific Organization Group?
Would you like to reply?
Login or Register to post your comment.