SandyPro

Under the 1st security role/scope/collections (Ops Admin DC) to the user account. It doesn't allow user to add devices to any of the collections or modify the queries. I set the security scope to all folders under Device Collections except helpdesk & testing. Tested the access to the collections & it works fine. I add the 2nd security role/scope/collection (HelpDesk-allows user full access), assigned to the remaining folders, open the console & the user account takes the permissions of the 2nd one for all folders & their device collections. What am I doing wrong?

Is it possible to set different permissions for device collections? Example: I have 3 device collections called DC1, DC2, DC3. I want to allow a user to "read, modify & delete" for DC1 but only allow the user "read" for DC2 & DC3. Thanks in Advance.

Computers are disappearing from various Device Collections in our environment. It looks like it started over the weekend. Has anyone seen this type of behavior before?

I haven't tried anything because I don't see an option in the SCCM Bitlocker Policy I created. I also looked through various forums trying to find an answer and users are saying it's not possible and to try writing a script but haven't found anything that shows someone was successful.

We use SCCM to enable/configure BitLocker on Windows 10 computers. The BitLocker PIN must follow our password policy for changing the password every 60 days. We don't see that as a selection when configuring the policy. Can this be done?