Jump to content


Search the Community

Showing results for tags 'Admin'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Cloud
    • Azure
    • Microsoft Intune
    • Office 365
    • Windows 365
  • General Stuff
    • General Chat
    • Events
    • Site News
    • Official Forum Supporters
    • Windows News
    • Suggestion box
    • Jobs
  • MDT, SMS, SCCM, Current Branch &Technical Preview
    • How do I ?
    • Microsoft Deployment Toolkit (MDT)
    • SMS 2003
    • Configuration Manager 2007
    • Configuration Manager 2012
    • System Center Configuration Manager (Current Branch)
    • Packaging
    • scripting
    • Endpoint Protection
  • Windows Client
    • how do I ?
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows Vista
    • Windows XP
    • windows screenshots
  • Windows Server
    • Windows Server General
    • Active Directory
    • Microsoft SQL Server
    • System Center Operations Manager
    • KMS
    • Windows Deployment Services
    • NAP
    • Failover Clustering
    • PKI
    • Hyper V
    • Exchange
    • IIS/apache/web server
    • System Center Data Protection Manager
    • System Center Service Manager
    • System Center App Controller
    • System Center Virtual Machine Manager
    • System Center Orchestrator
    • Lync
    • Application Virtualization
    • Sharepoint
    • WSUS

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Location


Interests

Found 2 results

  1. I am an administrator of a large network that is slowly being merged into being managed by SCCM 2012. Currently Updates, SCEP, Application deployment, general troubleshooting, Compliance Rules, etc. are in use, and we're almost to the point of using OSD (several good tests with a few different images). Throughout the process, we've been assigning security to allow our Helpdesk to deploy images, and they already have the capability deploy software packages. They had been in charge of updates and SCEP patching, but they fell behind and now the Sys Admin team is handling all patching, to include SCEP. They currently do not have the ability to create/edit/deploy task sequences, OS images, drivers packs, compliance rules, they cannot edit or create collections, etc. All my previous experience has been that these items fell under an administrator role, not a helpdesk role. Management, and some political power grabbing has created a swing in SCCM security that may require that we provide the following to be administered by the helpdesk: Create/Edit/Delete/Deploy Collections (both user and Device) Create/Edit/Delete/Deploy Reports Create/Edit/Delete/Deploy Task Sequences Create/Edit/Delete/Deploy Compliance Rules Create/Edit/Delete/Deploy Software Applications Create/Edit/Delete/Deploy Software Updates Create/Edit/Delete/Deploy Desktop SCCM Policies Create/Edit/Delete/Deploy Antimalware Policies Create/Edit/Delete/Deploy Operating System Images and Bootable PXE Environments The only way I can think to do this with our current architecture, and stills plit off desktops and servers is to build a CAS server with two different Primary Site Servers (we are a One Primary Site server setup), and split the roles across servers using boundaries to ensure that servers are not being managed by the helpdesk group, and that desktops are not being managed by the server group. So my questions are these: Is this viable (is this nuts?) Is this secure Will this provide the level of accountability needed to allow two groups that are literally in different buildings to run their appropriate systems without crossover nuightmares Does this present a risk for system-wide disaster (Server wipe from errant Task Sequence/OSD) Are there other ways to do it if this is not suggested, and where can I find the docs (whitepapers, etc.) Does this follow Microsoft best practice for roles within SCCM Does anyone have any knowledge of articles where this was done and worked, or did not work. Any and all help is appreciated. Jay
  2. Hello, Does anyone know of a way that the options function can be greyed out or removed from the software center? Or is the only way to control these functions done through Group Policy? We are about to push out SCCM client to all workstations at my company soon and i'm concerned about users managing their own desktops via this method. Anyone had similar issues? Thanks
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.