×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Space banner

   

This version of the product has reached end of support. The documentation is available for your convenience. However, you must be logged in to access it. You will not be able to leave comments.
BMC Client Management 12.8 ... Administering Managing security Managing administrator access through security profiles Examples of common security profiles

Compliance management administrator

This type of administrator profile is created for administrators who ensure the compliance of the complete infrastructure, that is, they do not only analyse the current situation of the IT park concerning its compliance but take action to keep it compliant. It can be created in addition to the Compliance Administrator that comes with the predefined objects as this profile only allows for the analysis of device compliance.

  1. Log on to the console with a superadministrator login.
  2. Then go to the Global Settings and the Administrator Groups node.
  3. Create a new group called Compliance Manager .
  4. Select the following Security Profile node
  5. In the Capabilities tab click the Edit > Properties menu item.
    The Properties pop-up window appears.
  6. In the Modify Capabilities tab select the following minimum capabilities:
    • View and Manage Devices
    • View and Manage Device Groups
    • View , Manage , Assign and Configure Compliance
  7. Following you can see a list of possible capabilities that can be assigned to the administrator, depending on the compliance targets:
    • View and Manage Inventory - to provide access to all inventory criteria
    • View and Assign Packages - if compliance includes specific installed packages as criteria
    • View and Schedule Operational Rules - if compliance includes specific assigned operational rules as criteria
    • View , Manage , Assign and Configure Patch Groups - if compliance includes specific installed patches as criteria
  8. Click OK to confirm and close the window.
  9. Go to the Static Objects tab and add the following top nodes with the following access rights depending on the capabilities you added in the previous tab via the Properties pop-up window:
    • Custom Compliance , Operational Rules , Packages and Patch Management top node with Read, Write and Assign Access: Allow
    • Device Groups top node with Read and Assign Access: Allow and Write Access: Deny
  10. The definitions in the Dynamic Objects tab of the Security Profile node also depends on the selections made in the Capabilities tab:
    • All Patch Groups , All Packages and All Operational Rules queries with Read, Write and Assign Access: Allow .
Was this page helpful? Yes No Submitting... Thank you
Last modified by Rohit Parmar on May 20, 2016

Comments

Log in or register to comment.

Reports administrator
Assigning capabilities to a security profile
© Copyright 2013 - 2021 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.