09-06-2015, 09:53 AM
Upgraded from 2012 into 2015.
Imported the DB using the Upgrade from.....
Installed Patch 6.
Setup of the environment and DB works.
Have User Groups Administrators / External Consultants / Users.
On Root node Credentials I had assigned:
for Administrators and Users (FULL on both Private and Public)
for External Consultants (None on Public and FULL on PRIVATE) - To allow consultants to store passwords for their "private" accunts.
One Level down I have Folder "Standalone Machines" and under that I have 10 accounts.
In version 2012. The credentials saved that was under this Node the group External consultants had: (Standard Public Objects, READ) - That allowed them to actually SEE the Folder "Standalone Machines"
In version 2015 - NOT the case any more. Now I have to assign (Standard Public Objects, READ) on the Folder - Granting the External consultants FULL read on ALL credentials saved in this folder.
Bug or Feature? - Either way, not working as before. Not working as inheritance normally does in Windows.
And if kept like this, introduction of the "DENY" would be highly beneficial together with "Only Folder / Folder and Items IN folder"...
But TBH, preferably change to behave like 2012 version.
Br, Christian
Imported the DB using the Upgrade from.....
Installed Patch 6.
Setup of the environment and DB works.
Have User Groups Administrators / External Consultants / Users.
On Root node Credentials I had assigned:
for Administrators and Users (FULL on both Private and Public)
for External Consultants (None on Public and FULL on PRIVATE) - To allow consultants to store passwords for their "private" accunts.
One Level down I have Folder "Standalone Machines" and under that I have 10 accounts.
In version 2012. The credentials saved that was under this Node the group External consultants had: (Standard Public Objects, READ) - That allowed them to actually SEE the Folder "Standalone Machines"
In version 2015 - NOT the case any more. Now I have to assign (Standard Public Objects, READ) on the Folder - Granting the External consultants FULL read on ALL credentials saved in this folder.
Bug or Feature? - Either way, not working as before. Not working as inheritance normally does in Windows.
And if kept like this, introduction of the "DENY" would be highly beneficial together with "Only Folder / Folder and Items IN folder"...
But TBH, preferably change to behave like 2012 version.
Br, Christian