We have a problem of keeping our BBSA deployment clean at the company I work for.
The problem is that every user who wants to run a certain job a against a list of servers ends up adding those servers to a BBSA group so he/she can target it.
And then when the server is not in BBSA yet, a record is created for it.
However, we have certain support rules in place and do not want to have every server in the company in the console - specially when you think about licensing costs.
So what are the Authorizations I have to remove from a role so it will not be able to add servers to BBSA?
Just in case- Server.* is still there, please remove it too.