Ok, so the new eeadmin.changeUserPassword command works great if the user executing the command has "global administrator" permissions. I tried running this command with a "non-gobal administrator" account, which had all the "Endpoint Encryption" settings set to "Change and view policy settings" and "Allow", yet receive the following message, "Error 0 : Authorization failed". If I change the permission for the same account to "global administrator" it works just fine. Does anyone know the appropriate permissions to allow the "eeadmin.changeUserPassword" command to be run via the Web API?
You will need to have the Endpoint Encryption 'User Management: Change and view user management' permission.
Please enable this and test that you can add users via the ePO UI, then try the script again.
Hope this helps
Thanks for the responce:
Correction from my first post, I meant to say that I do have "Change and view user management" as well as "Change and view policy settings" enabled for the permission set this user is a member of and still no luck.
I've attached a screenshot of the "Endpoint Encryption" permissions for this permission set.
Knowledgebase team update:
To assist others who find this posting we have created an article to cover this topic.
KB74006 INTERNAL - AuthorizationException: Authorization failed (when using EEPC 6.1 P2 Web API commands)
This is fixed in EEPC 6.2.
Knowledge Analyst (Global Online Services)