Client Management Suite

I am trying to grant security to role based accounts to see the task status details of Quick Delivery Tasks.  When a user today double clicks on the Task Status, they get a message that "The User doesn't have permission to get this information".  What do I need to grant rights to for them to be able to see the details?

Running SMP 7.1 SP2

Thanks.

which group does this user belong? did you try with the ServiceDesk user groups?

Hi,

I've the same problem.
I builded my own security groups and allows the user to have access to an special Organizational View.

But if i grant access to the default Organisational Group, then the "Task Status Detail" works.
I think the Task Status Detail is report based and all reports are by defaut binded to the defaul Organisational View.

I have/had this exact problem. My current fix is this:

1. Created a special OV/OG
2. Added just the Notification Server to this OG
3. Give the users Read access to the OG

By giving the users access to the NS the task details magically started working for me. 

Next I'm trying to figure out how to lock down the NS so they can't schedule tasks on it.

-andy

Rollup V4 has a note about this:

Good to know, thanks.

They need rights to read the NS and task servers.  You can create a separate organizational group (we call ours Infrastructure when we do these) and put the SMP/SS's in this group.  Then provide the ability for folks to Read these resources.

Mike, 

This is what I'm currently doing as a workaround. It seems no matter what I do any user that has access to the resources can run tasks on them however. Is there a way to remove the ability to run tasks on a specific OG?

-andy

It's possible two roles might accomplish this: one with the normal privileges, and then one with read rights to the infrastructure pieces but without task privileges.  But I'm pretty sure they will get the union of everything and still be able to run tasks.

Hi,

I've read the TECH184912. It's related to 7.1Sp2. But the same prob exist in SP1.
I hope, there will also be a fix available for SP1 to solve this.

I will test the Workaroung with Sp1 and Sp2. But is strange to grand every user the ability to run tasks against the NS oder site-Server..

Regards

I will look into the work around today as well.  Im nervous giving our support folks the ability to run tasks on the ns and SS.  But, if they dont know it...  

In our environment, we have 5 seperate entities that all use the same SMP.  The support staff is only allowed to see the devices for their own facility.  I could create 6 different OG's and place each of the site servers in their own OG, as well as the SMP in one.

I will try that.

I really hope I get to do the rollup next week.  Im still looking for successes with applying the rollup.  Just to give me that warm fuzzy feeling. 

Maybe Im missing something.  I created the OV of Infrastructure.  Added OG's for site servers and the SMP.  Assinged Read permissions, saved everything.  Did a resource membership update.  Ran a task, and still get permission denied.  grrr.  here is a screen shot of the permissions I gave.

That is exactly what I've been trying to do. 

1. One "normal" role that can run tasks
2. One role with only read access to the resources.

Unfortunately it seems that if a user can run tasks, the can run them on any resource they can see.

I'm not sure how to limit task permissions.

-andy

I assume you verified the OGs are inheireting the Read permission from the top OV?

You should get an error in the log as well (at least I was), did the error message change after granting Read access to the NS?

-andy

I reached the same point and same error in a test. Did you find any solution?

Nothing yet.  I havent been able to spend any time on it lately

Okay on the Task page still a no go, but if you check in the Resource Manager under Job and Task Status it should work. Not perfect but good enough till there is a real fix.

FYI Rollup 4 does the trick.