- When running a scan from the SEPM: Monitors / log tab / view "computer status" log, the following error message appears:

- When right clicking on the client to run a command, the option is greyed out:

Work as designed

- To resolve this, limited administrators require "Full access" rights in the "Manage groups" section instead of "Read Only"

- However, this means that giving limited administrators full access will also allow them to delete groups, subgroups or move clients.

- There is a product enhancement topic created regarding this issue on Symantec Forum, do not hesitate to vote:

www-secure.symantec.com/connect/idea/allow-limited-administrator-read-only-group-rights-remotely-run-commands

Applies To

Impact all SEPM versions released after 11.0.4

- Actions followed to reproduce the issue:

1. Create a test account in the SEPM as "limited administrator"

2. Edit the administrator access rights as follow: