Hi,
We’ve locked down the CMC as best we can however we are still finding the odd user who decides to modify their security settings on folders/reports. Is it possible to remove the user security option within CMC?
Alistair
I don’t think it’s possible to hide the option. You would probably need to manage it with security settings. You can deny permission to change security. Just make sure you don’t apply it to the Administrator log in or any of your Administrators.
If I’m remembering correctly, by default the Everyone group has View access to the Central Management Console, which can be revoked at Applications → Central Management Console → User Security. The Administrators group has Full Access, which should not be modified. If you have requirements for limited CMC access, create one or more well-labeled groups for each delegated admin roles then go through each management area, deciding whether to give these groups No Access, View, or Full Control.
Are you not able to use the ‘Modify the rights users have to objects’ right and DENY these people the ability to do this for the folders and reports?
I assume BOBJ would be smart enough to block a user from changing their own rights on an object if this right is EXPLICITLY DENIED.
I tried setting this right within applications/CMC but that didn’t work. Ended up explicitly denying access to modify settings to folders and users.
1 Like
Thanks for the feedback everyone
Glad that worked for you.