Discovery and Inventory Group

 View Only
  • 1.  Inventory for decentralized staff

    Posted Feb 05, 2013 09:59 AM

    I support a campus that has both centralized and decentralized staff.  Our heirarchy of groups is based on location.  Location is determined by IP address.

    Is it possible to create a security group and give them only the ability to assign owners to a system in their group?



  • 2.  RE: Inventory for decentralized staff

    Posted Feb 05, 2013 09:04 PM

    Hi msgood,

    You will find some best practices to do this security configuration on this tech:

    The section Solution contain the general steps.More information about configuring security for the Symantec Management Platform can be found in its user guide starting on in Chapter 4: Configuring security, page 69:

    Symantec Management Platform 7.1 SP2 User Guide

  • 3.  RE: Inventory for decentralized staff

    Posted Feb 06, 2013 08:39 AM

    If Locations were created based on IP address, then you already have an Organizational View (Assets by Location) that you can use.

    1. Create a role that performs the actions you want it to perform (and can't perform others)
    2. Assign the role to a test user
    3. Test the role
    4. Edit the role through Security Role Manager; select Resources, then edit.
    5. In the Assets by Location view, uncheck any locations you do not want that role to have access to
    6. In the Default Organizational View, uncheck Computers at All Resources > Assets > Network Resources > Computers
    7. Uncheck any view other than the Assets by Location view and Default view, so that only the Assets by Location and Default views are providing resource access for this role
    8. Test the role
    9. Pilot the role with one or more users for this location/region
    10. Tweak as needed
    11. Clone role, remove users, add test user, and tweak the selections in Assets by Location to do this for the following regions

    Does this help?