Symantec Management Platform (Notification Server)

 View Only

  • 1.  Target Permissions in Altiris 7.1

    Posted May 31, 2012 07:18 AM

    Under the Symantec Administrators role I can see the default target assigned to Monitor Policies:

    However, under my custom role I can't; it just shows "No items found":

    My question is, how do I give my custom role permission to view this (or any) target?

    Thanks in advance.



  • 2.  RE: Target Permissions in Altiris 7.1

    Posted May 31, 2012 08:50 PM

    In my case I'm trying to figure out how to do this for Managed Software Delivery policies, but it's the same thing.  I have a custom security role that I want to assign to our help desk that will allow them to modify resource targets.  As in your example, they can't even see the target.  The only way they can create their own is if I give them write permissions to the policies, which I don't want to do.  I want the policies to be locked down, but give them the ability to add resource targets.



  • 3.  RE: Target Permissions in Altiris 7.1

    Posted Jun 25, 2012 01:26 PM

    I am having the same issue of the original poster.

     



  • 4.  RE: Target Permissions in Altiris 7.1

    Posted Aug 16, 2012 05:12 AM

     

    Read/Write access to Resource Targets

    The ability to read and/or write to a resource target is determined by the roles stored against the target and the roles of the viewing user in question. This differs to regular items as they use the NS security inheritance model for their security permissions.

    When the viewing users role set is mutually exclusive to that of the roles stored against a target, the target will not appear in the UI at any stage.
    If the set of roles for the viewing user is a subset of the roles stored against a target, the target will appear on the UI but will not be editable (greyed out).
    When the set of roles for a user contain all (and possibly more) roles that are assigned to a target, the user is granted the ability to modify that target and it appears as such on the UI.

    If a users set of roles is modified after the point in time when a target is created, the roles stored against the target are not updated to reflect this. Ie. it uses a snapshot model.



  • 5.  RE: Target Permissions in Altiris 7.1

    Posted Aug 17, 2012 08:38 AM

    I've run into this issue before as well.  That said, I've read your clearly informative post three times and I still am unable to grasp what you're trying to say.  Could you possibly break your answer down a little more?