I dont want to assign BLAdmin inbuilt role to this role.
Thats where the stuck up is.
You first need to add to the new role the ServerGroup authorization (up to you if you want to give full access, only read or any other level of access). This authorization will enable the role to access the server folders in which the server are inside (or to be added). Next you need to grant the Server authorization (again, it's up to you what level of access you want to grant to this role - Server.* or only Server.Read etc.).
In this case, I wont be able to see all servers which are added previously by some other user with BLAdmins role.
I want to see all other servers under all servers smart group.
I can see them but they are grayed out. What kind of permission will be required on previously added servers?
I think answer to this would be NO. You cant any thing unless you have BLAdmins role assigned to you too..
In case you want to see (and only see) you can add the authorization Server.Read to all the servers (you can do it by clicking on the relevant Server group and select 'Update Permissions' - this operation is recursive and will add the authorization to all the servers under that group.
To clarify - the role can have Server.* authorization (inthe role definition) but in case you grant this role only Server.Read authorization on a specific server, he will be able to see it only (no to change, selete, change ACL etc.). On other server the role can have Server.* uathorization and for this server the role will have full control.
1 of 1 people found this helpful
You can be more explicit that Server.*.
You can grant the role Server.Read, Server.Create, Server.CreateACL, Server.PushACL, JobFolder.Read,JobFolder.Write, ACLPushJob.*
Installing the agent is not done via the gui so there are no authorizations for that.