Novell ZENworks Endpoint Security Management 3.5 Manuale Utente
ZENworks® ESM 3.5
Administrator’s Manual
24
Permissions Settings
This control is found in the Tools menu, and is only accessible by the primary administrator for
the Management Service and/or any whom have been granted "permissions" access by that
administrator. This control is not available when running the "Stand-Alone" Management
Console.
the Management Service and/or any whom have been granted "permissions" access by that
administrator. This control is not available when running the "Stand-Alone" Management
Console.
The permissions settings define which user or group of users are permitted access to the
Management Console, Publish Policies, and/or Change Permission Settings.
Management Console, Publish Policies, and/or Change Permission Settings.
During the Management Server installation, an administrator or Resource Account name is
entered into the configuration form (see the ESM Installation and Quick-Start Guide). Once a
successful test has been performed and the user information saved, five permissions are
automatically granted to this user (see below).
entered into the configuration form (see the ESM Installation and Quick-Start Guide). Once a
successful test has been performed and the user information saved, five permissions are
automatically granted to this user (see below).
Once the Management Console is installed, the resource user (defined above) will be the ONLY
user with full permissions, though ALL user groups within the domain will be granted
Management Console Access. The resource user should remove access from all but the groups/
users who should have access. The resource user may set additional permissions for the
designated users. The permissions granted have the following results:
user with full permissions, though ALL user groups within the domain will be granted
Management Console Access. The resource user should remove access from all but the groups/
users who should have access. The resource user may set additional permissions for the
designated users. The permissions granted have the following results:
When the Management Console is launched, the permissions are retrieved from the Permission
table. These permissions tell the console whether the user has the rights to log-in to the Console,
Create or Delete policies, change Permissions settings, and whether or not they can Publish
policies, and to whom they are permitted to publish to.
table. These permissions tell the console whether the user has the rights to log-in to the Console,
Create or Delete policies, change Permissions settings, and whether or not they can Publish
policies, and to whom they are permitted to publish to.
•
Management Console Access: the user may view policies and components, and edit
existing policies. Users granted ONLY this privilege will not be permitted to add or
delete polices; the publish and permissions options will be unavailable
existing policies. Users granted ONLY this privilege will not be permitted to add or
delete polices; the publish and permissions options will be unavailable
•
Publish Policy: the user may publish policies ONLY to assigned users/groups
•
Change Permission: the user may access and change permissions settings for other
users that have already been defined, or grant permissions to new users
users that have already been defined, or grant permissions to new users
•
Create Policies: the user may create new policies in the Management Console
•
Delete Policies: the user may delete ANY policy in the Management Console
Note:
For security purposes, it is recommended that only the resource user or very FEW administrators be
granted the Change Permission and Delete Policies permissions.
granted the Change Permission and Delete Policies permissions.