This content has been marked as final. Show 3 replies
they might need systems tree access permissions aswell to relevant folders
they will also need high level AD permissions to be abke to complete the task.
I know they have high level AD permissions, but do you mean they will/might need other permissions in ePO? Any idea what those other permissions might be? I've given them "System Tree" access to their group (and subgroups), as well as all the "Systems" permissions there are...
Just got a reply from McAfee Tech Support on this:
" As per case details provided, I understand that you have query about AD import by group admin on their group. Let me explain, if group admin has given full "server task permission" from the configuration then he will be able to perform AD import."
I find that strange, since the default "Group Admin" permission set only gives "view server tasks, view server task log" permissions, not the full "server task permission". Seems like that SHOULD be in the documentation.
more info: Even after making that change, the Group Admin still can't perform an AD import. I'm going back to McAfee to find out what's going on here.