SOTI Pulse Logo

Saved Script Security?

CR
Chris R.
SkyBitz - End User

Hi,

I'd like to be able to limit certain users/roles/groups to accessing the saved script list.  Some scripts that are saved should be admin level only or are specific for certain roles or customers. 

I was looking around in the general permissions for roles/groups & users and didn't see anything, but I was curious if there were any security permissions around saved scripts? 

I found the permission where users can't manage the scripts like add new ones or delete them, but nothing for limited user access to the saved scripts.  The user would still need to be able to send ad-hoc basic scripts.

I wasn't sure if there was a workaround for this or if anyone had other thoughts on the topic?

3 years ago
SOTI MobiControl
ANSWERS
RS
Rafael Schäfer
3 years ago

As far as i know you can only limit the general access to the scripts and (what you still found out) to edit/add/delete (= manage) those.

But what kind of security scripts you have they don't have to see or execute?

You could only seperate those scripts into a profiles (containing a package only with a script) where you can set permissions on and it's not visible how the script looks like. But this would be not very comfortable to execute then.

CR
Chris R.
3 years ago

Some of the scripts are just sensitive between or specific to certain customer folder groups.  Others are for removing/uninstalling apps or installing apps from pcg files, etc... that some generic users really should never execute.   For now I am just not saving them and keeping them so was just curious if there was anything we could implement here.

RS
Rafael Schäfer
3 years ago

Then you have to do it like now or as just said save them in a mobicontrol package assigned to a profile with "self serve" installation method instead of automatic.

Those profiles have permissions to be able to set, so they would then only are visible for those who should see that.

But they are not that nice to handle then.

RC
Raymond Chan Diamond Contributor
3 years ago

Your mentioned script permission control in user/group/role on a per-script or per-device-group basis has been requested at least by me more than one feature-requests in the last 5+ years.  Soti has progressively added more refined permission control in various dimensions since then, but unfortunately what you need is still not supported as of now.

R
RSMOD@SOTI
3 years ago

Hi Chris,

Thanks for posting your query in SOTI Central and I'm sorry for my delayed response.

As Raymond said, MobiControl does not have such function currently.

So please contact our support team and raise a feature request for the security function.

Thank you,

Similar Discussions