5 Replies Latest reply on Nov 15, 2011 7:07 AM by Bill Robinson

    Role required for adding server

    Rupesh Gaikwad

      I was trying to create a new role which can do only:

      1. Add server

      2. Install RSCD Agent on them

      3. Copy RSC files to the target server

      4. List all servers being added.


      I dont want this role to do anything else. Any guesses on the required authorizations ?




        • 1. Role required for adding server
          Rupesh Gaikwad

          I dont want to assign BLAdmin inbuilt role to this role.

          Thats where the stuck up is.



          • 2. Role required for adding server

            You first need to add to the new role the ServerGroup authorization (up to you if you want to give full access, only read or any other level of access). This authorization will enable the role to access the server folders in which the server are  inside (or to be added). Next you need to grant the Server authorization (again, it's up to you what level of access you want to grant to this role - Server.* or only Server.Read etc.).

            • 3. Role required for adding server
              Rupesh Gaikwad

              Thanks Nimrod,

              In this case, I wont be able to see all servers which are added previously by some other user with BLAdmins role.

              I want to see all other servers under all servers smart group.

              I can see them but they are grayed out. What kind of permission will be required on previously added servers?


              I think answer to this would be NO. You cant any thing unless you have BLAdmins role assigned to you too..

              Please clarify,




              • 4. Role required for adding server

                In case you want to see (and only see) you can add the authorization Server.Read to all the servers (you can do it by clicking on the relevant Server group and select 'Update Permissions' - this operation is recursive and will add the authorization to all the servers under that group.

                To clarify - the role can have Server.* authorization (inthe role definition) but in case you grant this role only Server.Read authorization on a specific server, he will be able to see it only (no to change, selete, change ACL etc.). On other server the role can have Server.* uathorization and for this server the role will have full control.

                • 5. Role required for adding server
                  Bill Robinson

                  You can be more explicit that Server.*.


                  You can grant the role Server.Read, Server.Create, Server.CreateACL, Server.PushACL, JobFolder.Read,JobFolder.Write, ACLPushJob.*


                  Installing the agent is not done via the gui so there are no authorizations for that.

                  1 of 1 people found this helpful