Hello,
We granted access to our Service Desk team to PRTG, but, for maintenance purpose, they need to pause some sensors or devices. I read on an old KB that the only way was to add read/write rights. I've done it but there is a big problem doing this. Service Desk team is now able to delete devices/sensors which can cause big issues.
Could you please give me another way to give the right to the service desk team to pause sensors without being able to delete them?
Waiting for your feedback.
Best Regards, Jonathan
Article Comments
Dear support,
we have different teams in our organization and we cannot provide the write permissions to our service desk just to acknowledge an alarm. That's why we cannot give them these RW permissions or trust them when they will say "OK, I won't update something else, even if I have the rights...". In all our professional products, we have clearly the distinction between the auditor (RO), operator (RO + some privileges) and administration (RW) role.
How can we face to this issue today?
Thanks for your answer.
Nicolas DASSY (Operations Supervisor).
Sep, 2018 - Permalink
Dear Nicolas,
In PRTG there is in each user's properties an option about whether or the not the user may acknowledge alarms, this works even when the user's group has only "read" access to a particular object.
Kind regards,
Erhard
Sep, 2018 - Permalink
Hello,
I meant pause a sensor or device not acknowledge sorry.
Best regards, Nicolas.
Sep, 2018 - Permalink
Hello Nicolas,
Currently the user rights management is what it is, I'm afraid. There are currently no plans for more "granular tweaking". Additional "layers" of access rights options in the end will also drain performance for the ongoing checks in the background when navigating through PRTG, especially in larger installations with many devices, users and user groups it will lead to things becoming slower when browsing the ui.
Don't get me wrong, personally I think it would be neat to have more granular options regarding access rights options, but most likely it is nothing that will be available in the near future. Also we introduced recently a public space for posting feature requests, so they can be rated by other users as well.
If you need help with that, please let me know and add as many details as possible as mentioned in the thread about posting feature requests, then I will post it for you.
Kind regards,
Erhard
Sep, 2018 - Permalink
Hello Jonathan,
There is no other way with PRTG's access rights management. The user needs to be a read/write user and the group the user is a member of needs to have "Write" access, which also allows deleting sensors, see also as described here. Those permissions cannot be tuned further down to disallow certain actions. Maybe you can simply convince the users to not delete stuff :)
Kind regards,
Erhard
Sep, 2018 - Permalink