Q: What is Organization View / Organizational Group.

 

A: An Organizational Group is a real-world grouping of resources that exists as an entity within the Organizational View and is used primarily for security. Organizational Groups form the basis for targeting administrative actions to the correct set of managed resources. Users target these actions to a certain set of resources by using filters to define Resource Targets

An Organizational Group can have security associated with it in the form of roles that are granted permission to see and act upon the resources contained within the Organizational Group. In this way the scope of resources available for each user of the Symantec Management Console is set. This scope will apply when the NS user creates or edits policies and when running tasks. The user’s scope restricts the set of resources toward which the user can target the policy or task.

An Organizational View is a self-contained hierarchy of Organizational Groups and is a security structure through which users (typically system administrators) manage the IT environment. Notification Server allows for multiple Organizational Views, each corresponding to a unique way of looking at the resources managed by NS. Each Organizational View can have Organizational Groups added under it in a tree structure. Organizational Groups can then have resources added to them. A resource can be found at only one point in any Organizational View, but a second Organizational View can contain the same resource, because this represents another unique way of looking at how the resource is managed

Q: How do I setup my own Organisational View or Organisational Group

 

A: Go to Altiris Console / Manage / Organisational Views and Groups.

Highlight Organisational Views

Right click on mouse button and select New -> Organisational View

Then right click on the new Organisational View and select New -> Organisational Group

Q: What type of resource that can be added to a resource group.

 

A: Computers, Users and any type of resources (packages, sites, subnets,etc…)

Q: Can I have duplicate resources in my own OG  under the same OV?

 

A: No, the same resource shouldn’t be added to different OG within the same OV. If for example ComputerA is already added to OG1, and then user trying to add ComputerA again to OG2, then ComputerA will be removed from OG1 automatically.

Q: If I delete a resource in my custom Org group would the same resource be deleted from the ‘Default’ Org group?

 

A: No. If the resource is deleted from a custom Org group, the resource would still be a member in ‘Default’ Org group. However, If the resource is deleted from the ‘Default’ org group then that resource is permanently deleted from ALL Org groups.

Q: How do I assign a security role so that it can only view the resources who belong to a custom security group.

 

A: follow this steps:

-       Create an Org view and Org group

-       Create a custom security role

-       Go to Security Role Manager of the security group

-       Select resources from the View drop down list and click on Edit button

-       Select ONLY the Organizational Group(s) you want the security role to have access to. You may also need to break the inheritance.

-       Save changes.

Q: What are the effects after the security role has been assigned to a particular Organizational Group (eg. OrgA who has Comp1, Comp2 and Comp3 as its members)

 

A: After the security role has been assigned to a particular Organizational Group, the user who belongs to this Organizational Group can only view the members of the Organizational Group. Filters, Reports and assigning/creating a resource target would also be impacted. When running Filter, Reports and creating resource target, the resources available are members of the organizational group.

Q: What is a System Scope Collection?

 

A: System Scope Collections (OGs) are SQL based resource groups that are defined by both Core and Solutions to facilitate resource scoping. These differ from regular Scope Collections (OGs) in that their membership is driven by custom SQL queries. These queries define the collections members and are updated when the ''Delta Resource Membership Update'' schedule or the ''Complete Resource Membership Update'' schedule run.