Tranquil IT Forum

Contact us
at https://forum.tranquil.it/

[RESOLVED] User rights on OR

https://forum.tranquil.it/viewtopic.php?t=3065

Page 1 of 1

[RESOLVED] User rights on OR

Published: May 31, 2022 - 3:40 PM
by Renaud Villet
Hello
, we've successfully configured user and certificate management to restrict console users to only seeing machines where an associated certificate is deployed and to assign packages to those machines. This certificate is deployed at the organizational unit (OU) level.

However, if we grant a user the "Modify AD OU Packages" permission, they can then assign a package to any OU, even those where the certificate isn't deployed.
Is there a way to limit a user's ability to modify packages to only those OUs where the corresponding certificate is assigned?

Thank you.

Re: User rights on OU

Published: June 1, 2022 - 11:34
by Renaud Villet
We found the solution. :D
When assigning the right "Modify AD OU packages", you must select "allow specific package names" and enter the name of the OU package (which you can find by right-clicking on the OU -> create or edit package...) with a * in front so that the sub-OUs are also taken into account.

Re: User rights on OU

Published: June 1, 2022 - 12:29
by sfonteneau
Exactly.
I wanted to answer you with exactly that, but you were too quick. ;)
Time zone set to UTC+02:00
Page 1 of 1

Developed by phpBB® Forum Software © phpBB Limited

Official French translation © Qiaeru