Allowing a Security Role to view the 'Manage Software Updates' pages for Patch Management Solution
search cancel

Allowing a Security Role to view the 'Manage Software Updates' pages for Patch Management Solution

book

Article ID: 180034

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

How to allow a NS Security Role to be able to view the Manage Software Updates page, so that members of the role can utilize the drop-down reports that it has without having to provide them with each report individually?

Environment

ITMS 8.x

Resolution

Privileges:

  • Altiris Console Privileges:
    • View Tasks tab

Tree > Tasks permissions:
     Read Altiris systems Permissions on the Tasks > Software Management > Patch Management > Manage Software Updates item.

Tree > Reports Permissions:
      Read Altiris systems Permissions and Run Reports Altiris Report Permissions needs to be assigned to the following reports under Reports > Software Management > Patch Management.

  • Compliance > Microsoft Compliance by Bulletin
  • Software Bulletins > Software Bulletins Status - Summary
  • Software Bulletins > Software Bulletins by Software Component for Windows
  • Software Bulletins > Superseded Bulletin Summary
  • Software Update Summary > Downloaded Software Updates by Bulletin


Note: Although Read Altiris systems Permissions and Run Reports Altiris Report Permissions are automatically assigned when you select a report, it has been found that only Read takes affect when you press the Apply button. Therefore, in order for these pages to work, you need to be able to run the reports.

The following steps are suggested in order to do this:

  1. Press the Advanced button.
  2. Select the Role.
  3. Press the Edit button.
  4. Press the Select button to come out of edit mode.
  5. Press the Apply button and close the Properties window to come out of advanced mode.
  6. Press the Apply button to save your permission settings.

You will notice that you cannot find the All Software Bulletins report because it is hidden by default. Follow the procedure below to unhide it, set permissions on it, and then re-hide it.

  1. Run the following SQL in Query Analyzer:

    UPDATE Item SET Attributes = 18 
    WHERE Guid IN ('6437BE8A-3E05-4783-A562-2075CC21DA66',
                   '7272CB50-A689-4E72-AFA7-2240B9E13225')

  2. Navigate to the Reports tab > Software Management > Patch Management and right-click on the Resource Reports folder, choose Properties > Security tab. Grant Read, Run Reports, and Save Reports, replacing permissions to child objects (use Copy, not Remove).

  3. Run the following SQL to hide the items again:

    UPDATE Item SET Attributes = 19 
    WHERE Guid IN ('6437BE8A-3E05-4783-A562-2075CC21DA66',
                   '7272CB50-A689-4E72-AFA7-2240B9E13225')