How can we allow a Security Role to view the 'Manage Software Updates' pages for Patch Management Solution?

book

Article ID: 180034

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

 

Resolution

Question
I want to allow an NS Security Role to be able to view the Manage Software Updates page, so that members of the role can utilize the drop-down reports that it has without having to provide them with each report individually. How can I do this?

Answer

  1. Privileges:
       Altiris Console Privileges:
       View Tasks tab
  2. Tree > Tasks permissions:
         Read Altiris systems Permissions on the Tasks > Software Management > Patch Management > Manage Software Updates item.
  3. Tree > Reports Permissions:
          Read Altiris systems Permissions and Run Reports Altiris Report Permissions needs to be assigned to the following reports under Reports > Software Management > Patch Management.
    • Compliance > Microsoft Compliance by Bulletin
    • Software Bulletins > Software Bulletins Status - Summary
    • Software Bulletins > Software Bulletins by Software Component for Windows
    • Software Bulletins > Superseded Bulletin Summary
    • Software Update Summary > Downloaded Software Updates by Bulletin


Note: Although Read Altiris systems Permissions and Run Reports Altiris Report Permissions are automatically assigned when you select a report, it has been found that only Read takes affect when you press the Apply button. Therefore, in order for these pages to work, you need to be able to run the reports.

The following steps are suggested in order to do this:

  1. Press the Advanced button.
  2. Select the Role.
  3. Press the Edit button.
  4. Press the Select button to come out of edit mode.
  5. Press the Apply button and close the Properties window to come out of advanced mode.
  6. Press the Apply button to save your permission settings.

You will notice that you cannot find the All Software Bulletins report because it is hidden by default. Follow the procedure below to unhide it, set permissions on it, and then re-hide it.

  1. Run the following SQL in Query Analyzer:

    UPDATE Item SET Attributes = 18 
    WHERE Guid IN ('6437BE8A-3E05-4783-A562-2075CC21DA66',
                   '7272CB50-A689-4E72-AFA7-2240B9E13225')
  2. Navigate to the Reports tab > Software Management > Patch Management and right-click on the Resource Reports folder, choose Properties > Security tab. Grant Read, Run Reports, and Save Reports, replacing permissions to child objects (use Copy, not Remove).
  3. Run the following SQL to hide the items again:

    UPDATE Item SET Attributes = 19 
    WHERE Guid IN ('6437BE8A-3E05-4783-A562-2075CC21DA66',
                   '7272CB50-A689-4E72-AFA7-2240B9E13225')