none
Permission Issue FIM 2010 RRS feed

  • Question

  • Hello,

    I have permission issue in FIM 2010 CM system.

    My Environment:

    FIM Server – Windows Server 2008 Ent SP2

    DB- SQL Server 2008

    DC – Microsoft Server 2003 Standard Sp 2

    CA- Microsoft Server 2003 Ent Sp2

    The problem with the user that connect to the GUI  via https of FIM 2010 System cannot  see  the full menu (Manager operations). The only action user can do is self services actions (Manage my info), for example:

    1. Show details of my certificate
    2. Request a permanent smart card
    3. Change my smart card PIN

    The solution that I found, adding the user to the Local Administrator group on the Fim Server, solved this problem (user can see the full menu and perform actions to other users). I guess that adding the users to Admin group to see the full menu is unsecure,

    Can someone help me to solve this problem with the right way?

    Thanks.  

    Thursday, June 21, 2012 9:11 AM

All replies

  • Hi OLGN,

    As part of the FIM CM you need to create some delegated groups that you allocate these specific rights to. This article has some insights into how you can achieve the delegation needed: http://technet.microsoft.com/en-us/library/gg418608(v=ws.10).aspx


    Visit My Blog: http://theidentityguy.blogspot.com/

    Thursday, September 27, 2012 12:59 AM
  • The Manager Operations view will be displayed dependent on the permissions at the Service Connection Point - see 1) in Jssting's link below. An account must hava at least one extended FIM CM permission at the FIM CM Server object to get the view displayed

    /Matthias

    Monday, October 8, 2012 9:56 AM