Skip navigation
1110 Views 8 Replies Latest reply: Mar 29, 2012 9:49 AM by Technobabble RSS
macado Apprentice 207 posts since
Dec 15, 2008

Has received 1 of 9 achievements.
Currently Being Moderated

Mar 26, 2012 9:48 AM

Issues with RBA in 9.0 SP3

I am having some issues with Role Based Access on our LANDesk 9.0 SP3 test environment.

 

Any users that are part of LANDesk Administratrators group can log in fine however users that are ONLY members of LANDesk Script Writers group are unable to log into the console.

 

I get the following error:

loginerror.jpg

 

In order for them to be able to log in, they must ALSO be part of LANDesk Management Suite group.

 

LANDesk Script Writers contains AD security groups that have access to log into the core.  If I add the users either directly to the Management Suite group or add their AD security group then they can log in.

 

Is this correct behavior?  According to the documentation, the user only needs to be a member of one of these groups.

 

 

Any ideas?

  • LANDeskWizrd Expert 506 posts since
    Jul 2, 2008

    Has received 8 of 9 achievements.
    Currently Being Moderated
    1. Mar 26, 2012 11:47 AM (in response to macado)
    Re: Issues with RBA in 9.0 SP3

    Which documentation are you looking at? The documentation LANDesk provides is not always up to date unfortunately.

     

    When you look at your users list in LANDesk, do you have a role/scope assigned to either LANDesk Management Suite or LANDesk Script Writers? I believe you need to have a role defined for any group that needs access to the console.

     

    This is a portion of a document that might help. The document can be found here http://community.landesk.com/support/docs/DOC-23415 if you haven't already read that one.

     

    "In 9.0 SP2, the Local Users and Group is key component to using LANDesk. Unlike previous version of LANDesk, the LANDesk Administrators, LANDesk Management Suite, and LANDesk Script Writers groups are only used to give users rights to the LANDesk directory structure. These groups do not add the users to the User Management console as they did in past versions, in fact the users do not need to be in these groups to add a user to the User Management console, but the user will not be able to log in to the console until they are added to a group."

  • LANDeskWizrd Expert 506 posts since
    Jul 2, 2008

    Has received 8 of 9 achievements.
    Currently Being Moderated
    4. Mar 26, 2012 12:05 PM (in response to macado)
    Re: Issues with RBA in 9.0 SP3

    Yeah I use the same type of setup. I place groups inside the local LANDesk groups and assigne the roles to those that I add.

     

    Looking at the screenshot, I only see LANDesk Script Writers. Did you add groups with roles to the LANDesk Management Suite as well?

  • LANDeskWizrd Expert 506 posts since
    Jul 2, 2008

    Has received 8 of 9 achievements.
    Currently Being Moderated
    5. Mar 26, 2012 12:10 PM (in response to macado)
    Re: Issues with RBA in 9.0 SP3

    Hmm, that does seem strange. Is there any reason you need to use LANDesk Script Writers? I have always just used LANDesk Management Suite when it came to giving console access to users.

  • Rookie 8 posts since
    Sep 28, 2011

    Has received 1 of 9 achievements.
    Currently Being Moderated
    6. Mar 26, 2012 4:05 PM (in response to macado)
    Re: Issues with RBA in 9.0 SP3

    check this document  DOC-8201

     

     

     

     

    Regards

  • Technobabble Apprentice 64 posts since
    Dec 12, 2007

    Has received 1 of 9 achievements.
    Currently Being Moderated
    8. Mar 29, 2012 9:49 AM (in response to macado)
    Re: Issues with RBA in 9.0 SP3

    There are 2 bugs that I reported related to scopes based on an LDAP queries after installing LDMS 9 SP3.

     

    • A scope based on an LDAP query will become corrupt and unusable after you edit it. The workaround is to edit the scope's row in the dbo.Scope table under the BNF column in the database directly. Care should be taken as to syntax when editing the scope directly in the LANDesk databse.

     

    • When attempting to create a new scope based on an LDAP query and selecting "Edit and then "Browse Directories" to specify the criteria, there is no "Save" button but the the scope is created as an LDMS query when selecting the "Close" button.

     

    LANDesk has this in their queue to get fixed but I have received not received an information as to when a fix for this will be avaiable.

     

     

    Sample of corrupt scope before editing:

    Scope_Before.PNG

     

    Sample of corrupt scope after editing:

    Scope_After.PNG

More Like This

  • Retrieving data ...

Bookmarked By (1)

Legend

  • Correct Answers - 20 points
  • Helpful Answers - 10 points
LANDESK Community powered by Jive SBS® 4.5.7.1  |  Legal Notices  |  Privacy Policy  |  Icon 

TweeterOn Twitter  |  Icon FacebookOn Facebook © 2007 LANDESK Software