This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SEC installation for junior team with limited access.

Hi Everyone,

 

Need to install SEC in Junior team but with selective and limited features. What's the way and best practice.

 

Thanks in well Adv.

Regards

Faisal Raza



This thread was automatically locked due to age.
Parents Reply Children
  • Hi QC,

    Need to install Management Console only and  selective means that they can only see their Area / OU and can delete and move machines from unassigned. They should not have right to modify, add or delete policies or other configuration.

    Thanks in well Adv.

    Regards.

  • Hello Faisal,

    if you open Manage Roles and Sub-Estates ... → tab Manage Roles and Create/Edit a role you'll see the available rights. While it's possible to keep your juniors off the policies the Computer search, protection and groups right might be too broad - it permits policy assignment (any policy) and creation/deletion of groups.

    Christian

  • Hello QC,

     

    Thanks for your prompt reply. So there's no way to prevent other team to create / delete policies? As well as Groups?

     

    Thanks for very quick response.

    Regards

     

    Faisal

  • Hello Faisal,

    maybe my wording wasn't ideal. keep your juniors off the policies means they can't

    Groups are a different matter, as is assigning existing policies to groups - admittedly dangerous enough. But frankly, moving computers from one group to some other is neither a very challenging nor a really thrilling task ...

    Christian

  • Hello QC,

    Thanks for your kind and always quick support. In our scenario the setup was manually now I planning to do Synchronize with Active Directory and same time I need for newly machines to join to domain should get automatically Sophos install.

     

    Please advise.

     

    Thanks

    Faisal

  • Hello Faisal,

    please see the Synchronizing with AD chapter in the documentation.
    Note that the OU structure must be appropriate for your policy requirements. Also note that automatic protection isn't retried (whether successful or failed) and furthermore the workflow when replacing, reimaging, or upgrading the OS can be tricky. 

    Christian