Our distributed IT personnel have full management rights to computers they manage rights applied to the AD import based organizational groups (right click AD Group then Manage Security > Assign Management Rights). These users are not admin users and all permissions are customized.
When they run tasks on these machines and try to click the details icon of that task they are presented with the error "The user doesn't have permission to get this information." I investigated the NS logs and the error generated was this:
<event date="Jan 27 21:23:07 +00:00" severity="1" hostName="NSNAME" source="Altiris.TaskManagement.ClientTask.*" module="w3wp.exe" process="w3wp" pid="25668" thread="301" tickCount="210929578"><![CDATA[BaseXmlHttpCallback Exception: Altiris.NS.Exceptions.AeXSecurityException: User doesn't have permission to view the computer related to this instance.
at Altiris.TaskManagement.UI.XmlCallback.GetTaskInstanceDrilldown.WriteResponse(StringWriter sw)
at Altiris.TaskManagement.Common.XmlHttp.BaseTextXmlHttpCallback.WriteResponseRaw(XmlTextWriter xwr)
at Altiris.TaskManagement.Common.XmlHttp.BaseXmlHttpCallback.ProcessRequest(HttpContext context)]]></event>
Thinking this may because permissions were assigned to one of the AD import groups, I moved one of the computers into a manually created Organizational Group and assigned full management rights but the error still persists. This does not make sense because the user clearly has full management rights to the computer (I double checked).
Anyone have any ideas which permissions are needed to allow these users to view task detail information?