In Arellia Management Server, you can limit the resources that users can access. By default, all Administrators, Users, and HelpDesk Role users have access to all computers and user account passwords in Arellia. To change this behavior, do the following steps:
- First, create and sync your Active Directory. (For instructions about how to sync your Active Directory, go to Sync Active Directory.)
- In the Arellia Security Manager, click the Configuration tab.
- In the file library in the left pane, navigate to Settings > Configuration > Resource Settings > Resource Types > Computer.
- In the right pane under Settings > Security Scope Set, click the Select... link.
- In the Select Item dialog box, click Active Directory Domains.
- Click OK.
- In the right pane, click Save. (Note: You might need to scroll down to see the Save button.)
- Click the Resources tab.
- In the file library in the left pane, navigate to
- Click Active Directory Domains.
- Right-click on an Organizational Unit that you want to change the scoping of and select Properties and then Security
- You can then change the security descriptor for that Organizational Unit. After changing the security descriptor, save the changes.
- Repeat changing the security descriptors on all of the organizational units that should have custom security.
By default, only Administrators and Users will have access. It is important to change the security descriptor on all organizational units that help desk users should have access to.
After making the changes above, users will only be able to see resources in the organizational units that they have access to.
Administrator User:
Scoped Helpdesk User: