Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Archive Mgmt Permisions

Using ACS I have granted permissions to some clients to view their device configs in Archive Mgmt. Basic Help Desk access PLUS 'Search Config Archive' checked.

The problem is, these permissions allow the client to view 'Out-of-Sync Summary' which does not appear to limit per NDG like other areas of RME. If the client clicks on the Diff icon they can view configs for many devices outside of their assigned NDG.

Is there a way I can deny access to the Out-of-Sync Summary?

Is there another way I can allow a user to view configs limited to a NDG without providing 'Search Config Archive' permissions?

TIA

~Dan

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Archive Mgmt Permisions

There is no workaround.

Symptom:

Even though a department's users have been granted permissions for ONLY their department's equipment in ACS, in RME they can still see the OUT-OF-SYNC screen. If a different department's device is listed on the OUT-OF-SYNC screen, they can look at the different department's configuration (RME>Config Management>Archive Management>Out-of-Sync Summary).

Conditions:

This occurs in RME 4.0.5 integrated with ACS 4.0.x. Any user not granted permission to see Out Of Sync report, can still see all devices in the Out Of Sync Report.

Workaround:

There is no workaround.

4 REPLIES
Cisco Employee

Re: Archive Mgmt Permisions

Funny you should ask about this. My colleague just filed a bug on this yesterday (CSCsl50606). The fix will not be coming until RME 4.2 due out some time in the second quarter of next year.

New Member

Re: Archive Mgmt Permisions

Glad to hear it will be fixed.

Any suggestions for a workaround?

Cisco Employee

Re: Archive Mgmt Permisions

There is no workaround.

Symptom:

Even though a department's users have been granted permissions for ONLY their department's equipment in ACS, in RME they can still see the OUT-OF-SYNC screen. If a different department's device is listed on the OUT-OF-SYNC screen, they can look at the different department's configuration (RME>Config Management>Archive Management>Out-of-Sync Summary).

Conditions:

This occurs in RME 4.0.5 integrated with ACS 4.0.x. Any user not granted permission to see Out Of Sync report, can still see all devices in the Out Of Sync Report.

Workaround:

There is no workaround.

New Member

Re: Archive Mgmt Permisions

I do have a resolution to my particular problem.

I have granted 'Search Config Archive' permissions but removed 'View Config Archival Summary'

This blocks the user from viewing the entire page under RME\ConfigMgmt\ArchiveMgmt but still allows them to view configs through the Device Center.

Thanks

120
Views
0
Helpful
4
Replies