1.4 Rights

A ZENworks administrator’s rights control which administrative tasks he or she can perform in the Management Zone. There are 23 categories of rights:

Administrator

Discovery

Policy

User Source

Bundle

Document

Remote Management

ZENworks User Group

Contract Management

Inventoried Device

Sharing

Zone

Credential

LDAP Import

Subscriptions

Inventory Report

Deployment

License Management

System Update

Asset Management Report

Device

Location

User

 

Each rights category contains multiple rights that provide granular control of administrative tasks related to the category. For example, the Bundle Rights category includes the following rights:

View Leaf

Modify Group Membership

Author

Assign Bundles

Modify Groups

Modify Folders

Publish

View Audit Logs

Create/Delete Groups

Create/Delete Folders

Modify Settings

View Audit Events

Each right has two settings: Allow and Deny. Depending on the setting that is selected, the administrator is either allowed to perform the administrative task controlled by the right or not allowed to perform the task.

When you assign rights, you assign the entire rights category and specify the context in which the rights applies. For example, when you assign the Bundle Rights, you would configure each individual bundle right setting (Assign Bundles, Author, Publish, and so forth) to either Allow or Deny, and then specify the context to which the rights apply. In the case of Bundle Rights, the rights could be applied to the Bundles root folder or to any subfolders within the root folder. Some rights, such as Administrator Rights and Discovery Rights, apply only to the Management Zone, so their contexts are automatically set to zone.

For detailed descriptions of all rights, see Section 7.0, Rights Descriptions.