IT Management Suite

Hi Experts,
I wish to grant a few contacts the ability to right click on a filter group, or a target machine and run tasks that were created by admin user that installed the SMP (ITMS 8.6 RU1).

I know that if I grant those contacts permission by adding them to the "Symantec Administrators" than it works, but i dont wont to grant such a broad over extensive permissions.

I've went over all permissions options to grant just that, but no luck.

Could some please tell me what are the exact permissions that grant such actions?

I want to be able to see this from a task / job view:


and not this:


Could you please explain and demonstrate which tags to choose to be granted such options?:

I want them to have an option to run a task that previously was created by me, or by Admin, but unless i choose "Symantec Adminsitrators", they can only see the default list, and even then, they can't run it.

i've used this KB as a reference, and still didn't got anything:

https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/it-management-suite/ITMS/Administration/Configuring-Security/Security-Privileges-and-Permissions/security-permission-categories-v14292761-d846e56321.html#v14292761

Please Help,
Tnx,
Hagai

Hello Hagai!

1. Case when you see these two messages in opened task

Solution:

Find folder or required task in SMP Console -> right click on folder where tasks are in or just on required task -> open "Security Role Manager"

In opened Security Role Manager page, make sure that you have selected "Security Role" where your affected accounts are members

In tree you will see your required task, then click on it and make sure that "Read", "Write" and "Run Task" permissions are checked (save changes)

After this, another accounts who didn't have permissions for appropriate tasks, will be able to modify or schedule it

2. Another case, when non administrator security role tries to schedule script tasks but it doesn't work because of missed another permissions

As example of such case:

Solution:
In SMP Console, open "Settings" -> "Security" -> "Security Role Manager"

Once again, in opened Security Role Manager page (like on picture below):
- Choose affected "Security Role" from drop-down menu
- Choose "Resources" from drop-down menu:
- Find there "Computer" under "Default" organizational view folder -> click on it and check "Run Script" permission checkbox
Save changes.

Best regards,

IP.

Hi Experts,
I wish to grant a few contacts the ability to right click on a filter group, or a target machine and run tasks that were created by admin user that installed the SMP (ITMS 8.6 RU1).

I know that if I grant those contacts permission by adding them to the "Symantec Administrators" than it works, but i dont wont to grant such a broad over extensive permissions.

I've went over all permissions options to grant just that, but no luck.

Could some please tell me what are the exact permissions that grant such actions?

I want to be able to see this from a task / job view:


and not this:


Could you please explain and demonstrate which tags to choose to be granted such options?:

I want them to have an option to run a task that previously was created by me, or by Admin, but unless i choose "Symantec Adminsitrators", they can only see the default list, and even then, they can't run it.

i've used this KB as a reference, and still didn't got anything:

https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/it-management-suite/ITMS/Administration/Configuring-Security/Security-Privileges-and-Permissions/security-permission-categories-v14292761-d846e56321.html#v14292761

Please Help,
Tnx,
Hagai