search cancel

SMP Security Role Matrix and general Security Information

book

Article ID: 162558

calendar_today

Updated On:

Products

Client Management Suite IT Management Suite Server Management Suite

Issue/Introduction

It can be difficult to know what is needed for a given Security Role to be created with the desired outcome.

Cause

There is limited documentation about what each out of the box role does.

Permissions and Privileges can be difficult to understand

Resolution

This document is intended to provide information that will help make the permissions and privileges existing roles have more transparent.  Making it possible to better understand what is needed for specific scenarios.

The following sections are provided to help here.

  • Matrix that shows all permissions and privileges assigned to out of the box roles
  • Script that can be run in SQL or as a report that will create a matrix that includes Custom Roles
  • Links to Security Role related KB's that can help provide a better understanding of the SMP Security
  • Links to KB's that cover common scenarios


Matrix for Permissions and Privileges

The attached file "Privileges and Permissions per role.xlsx" contains the following:

  • Privileges - Shows All Security Roles and the Privileges assigned to them.  Grouped by the Display group they are displayed in
  • Folder Permissions - Shows All Folders grouped by the folder path, where any permissions are specifically assigned.  It does not show inherited permissions
  • Item Permissions - Shows Items that have security applied specifically to them by role, grouped by the path to the Item.
  • Permission list - List of all possible permissions, with a description and the associated guid
  • Privilege list - List of all possible Privileges, with a description and the associated guid 

NOTE: There are filters at the top of each column that make it possible to limit the results to more usable amounts of data.

The following screenshot shows how easy it is to see the Management Privileges assigned to each role.

 

Script to create the Matrix

The attached "Security Matrix builder for Permissions and Privileges.sql" file has four sections, to see similar data for a different version or to include custom roles in the matrix

  • Get matrix for Privilege role comparison
  • Get matrix for Permission role comparison of Folders or Items
  • Get Permission list
  • Get Privilege list

Security Role information KB's & Documentation

Common Custom role KB's

  • 181908 - How to create a custom security role for assets
  • 181049 - How do I add the ability to perform Patch Management Admin processes to an existing canned user?
  • 161257 - The current user does not have required permission 'read' to load item: Resource Manager Dashboard Console Menu
  • 181462 - How to create a Security Role that can see the content for "Add Custom Criteria" while adding a "Custom Search Criteria" in Activity Center
  • 171861 - Scope with Security Roles to manage Workstations and Servers

Attachments

Security Matrix builder for Permissions and Privileges.sql get_app
Privileges and Permissions per role.xlsx get_app