2 Replies Latest reply on Nov 20, 2009 11:57 AM by runcmd

    Permissions Set Troubleshooting


      I have duplicated the "Group Reviewer" permission set on the ePO as "PC Technician" and added a particular user to that permission set.  On that user's Dashboard, I added a pie chart custom query that displays engine versions.  Unfortunately, with the permissions given by the "Group Reviewer" permissions set, they do not have the permissions to view this chart.  Without granting the user "Global Reviewer" is there a way to allow them to see the engine version?  I'm not sure what permission I'm missing.  I tried granting them VSE permissions but it didn't seem to make a difference.  Any help would be greatly appreciated.  This is my current configuration...


      Display Results As: Pie Chart
      Pie slice values are: Number of Detected Systems
      Labels are: Engine Version (VirusScan Enterprise)
      Sort by: Value (Descending)
      Columns: Computer Name; Engine Version (VirusScan Enterprise); Users; Domain
      Properties: No criteria selected -- All items displayed


      "PC Technician" PERMISSION SET:
      Agent Handler: View Agent Handlers
      Audit log: No permissions
      Automatic Response: View Responses; view Response results in the Server Task Log
      Avert Alerts: No permissions
      Client Events: View Client Events
      Contacts: Use contacts
      Dashboards: Use public dashboards
      Event Notifications: View registered executables
      View rules and notifications for entire System Tree (overrides System Tree group access permissions)
      Extensions: No permissions
      GroupShield for Domino 7.0: No permissions
      GroupShield for Exchange 7.0: No permissions
      Host Intrusion Prevention 7.0.3: No permissions
      Issue Management: View all issues
      LDAP: No permissions
      LinuxShield 1.5.1: No permissions
      McAfee Agent: View policy settings and assignments; view client task settings
      Multi-server roll-up data: No permissions
      Policy Assignment Rule: No permissions
      Queries: Use public queries
      Registered servers: No permissions
      Rogue System Detection: No permissions
      Rogue System Sensor: No permissions
      Server tasks: View Scheduler tasks; view Scheduler task results in the Server Task Log
      SiteAdvisor Enterprise: No permissions
      SiteAdvisor Enterprise Plus: No permissions
      Software: No permissions
      Systems: View "System Tree" tab
      System Tree access: Can access the following nodes and portions of the System Tree: My Organization
      Threat Event Log: View events
      VirusScan Enterprise 8.5: View settings
      VirusScan Enterprise 8.7: View settings
      VirusScan For Mac 8.6.1: No permissions



      Message was edited by: runcmd - Messsage formatting changes on 11/4/09 9:08 AM
        • 1. Re: Permissions Set Troubleshooting

          Thinking out loud here...

          If the user is attempting to run a report that is not filtered to just his site, it would throw the error that they dont have permissions to view the data.


          So have the user (or login as him) and create a custom report with the data you want, but ensuring that the filter is set to only pull data from his group. Now can you run the report? If not, we should open a support defect, to determine if your issue is a defect.

          • 2. Re: Permissions Set Troubleshooting

            We only have one site and, because the users in question have read-only access, it does not appear that they can create custom reports.  Interestingly, I have a user that is a member of the "Executive Reviewer", "Global Reviewer", and "Group Reviewer" Permissions Sets and they cannot view the report either.  It looks like no one with read-only access can view the engine version chart I created.