Managing devices and device group capabilities

Devices and device groups are a specific case, because devices cannot be seen or accessed in any way if the corresponding permissions, capabilities and access rights, have not been accorded to the device groups they are a member of.

Capabilities

Contrary to the administrators and their groups, devices and device groups have separate capabilities which must be assigned. Assigning the capabilities for device groups follows the general rules, but if devices are to be viewed/managed as well you need to specify these capabilities separately as well. Device groups also have an extra capability, Populate , which must be defined when the content of the group is concerned, such as when you manually add or remove a device from a group or when the group is to be dynamically managed through a query or a directory server.

Access Rights

Devices can be accessed under two different nodes: the Device Topology and the Device Groups nodes. How to define the access to the devices in the Device Topology is explained in the following paragraph, and can be sufficient for a specific type of administrator. However, in other cases, it might be useful for administrators to be able to access their devices via the Device Groups node. For this to be possible, you need to assign at least read access to the Device Groups top node as well as any other device group (including its hierarchy structure to access the respective group) the administrator needs to access.