A discussion took place about managing permissions for users on ControlUp devices. A potential solution was suggested – creating a new role and adding the hidden device group to it, with access granted only through SSO groups or individual accounts. However, it was noted that even with a role without any permissions checked, all devices were still visible. A back-end option was mentioned for disabling access to a product entirely for a specific user, and there was also a suggestion to use device tags to limit access to devices.
Read the entire ‘Managing User Permissions and Device Access on ControlUp’ thread below:
Hi all!
I know that it is possible to give a ControlUp user permissions only on a specific device group or tag, but I want to hide devices with a device group where no permissions are set for that user.
Is this possible?
I was thinking you create a new role and add the hidden device group in there. Allow access via SSO groups or individual user accounts that can only see it those hidden devices.
That was my initial idea, but when I logon with my test user, without being assigned to one of my/the roles, I still see alle devices. Looks like you always have a ‘view’ permission for all devices and that you can add more permissions for device groups/tags.
Normally this is not a problem but there is a legal requirement for this one.
Hmmm. How about the no permissions role you can set as the default SAML setting?
Will try that Monday, I assume it is an empty role without additional permissions checked.
Yes that’s correct
I have logged on with my test account, which is bound to a role without any permission checked. I still see all devices in the details pane.
I am looking for an option where at this point I don’t see any device.
There’s an option on the back end that the team can disable that particular product for that specific user so they cant even click on it.
Hi Clint, with the roles I can manage access to the products. But within ControlUp for Desktops I want to be able to give an ControlUp user only access to 100 devices instead of thousands. So when they logon it will look like ControlUp only has 100 devices.
I feel the best way to do this is to setup device tags that only that user can see. For example Tag A on selected devices and assign him that new role. That should fix this issue.
Continue reading and comment on the thread ‘Managing User Permissions and Device Access on ControlUp’. Not a member? Join Here!
Categories: All Archives, ControlUp for Desktops