SCCM 2012: Role Administration…At Last

Posted by: Rick Delserone

The release of Configuration Manager 2012 will provide a significant increase in  productivity and efficiency in the world of systems management.  As many of us in the Systems Management realm have often dreaded configuring limited security roles for administrative users within SCCM 2007, it is about time that Role Based Security has become part of the SCCM security model.  In Configuration Manager 2012, Role Based Administration makes the assigning of specific security to administrative users much more effective.

When creating an administrative user, there are several security roles pre-defined within SCCM 2012.  These roles allow for standard administration of key areas within SCCM.  For example, an administrative user or group can be assigned to the role of “Software Update Manager.”  This built in role will allow the user(s) to manage updates by creating collections for deployments, software update groups and update deployments while restricting access to other areas of SCCM.

The user(s) will only see the areas and information to which they have access within the SCCM console; a far better scenario than the 2007 Console which shows the entire structure regardless.

As shown below the “Full Administrator,” sees all categories within the Software Library.  The “Software Update Manager” only sees the Software Updates category.  This streamlined viewing is just one of the many enhancements in Configuration Manager 2012.

Full Administrator…

System Update Manager…

While there are a number of built in Security Roles to use, there are limitless possibilities in creating customized roles to fit the needs of any environment.  As this is just a glimpse into the redesigned Configuration Manager 2012, check back for additional posts regarding the many enhancements and their potential benefits to your environment.

Click here to read my other blog on SCCM 2012.

Tweet