Managing role-based security
Role-based Access Security (RBAC) is new to CM12. It offers the ability to segregate administrators with ease. In CM07 admins either used extra primary sites or scripts kicked off by status filters to separate admins from each other. Now it can be done in just a few minutes, right from the console.
We are going to use RBAC to divvy up roles for workstation and server admins so that neither sees the other's assets.
Getting ready
Create two AD user groups-CM Wkstn Admins and CM Server Admins. Populate each with a unique test account or real user accounts.
How to do it...
We start by creating one collection for workstations and one for servers:
In the admin console, navigate to Assets and Compliance | Device Collections and click on Create Device Collection in the ribbon.
For Name, enter
All Managed Workstations. Click on Browse and select All Desktop and Server Clients. Click on Next.Click on Add Rule and select Query Rule. Enter
Wkstn Onlyfor Name. Click on Edit Query...
