Hi,
I am configuring role-based access to the Web Console for a group of users.
It is working fine except they can view SCOM agent-related alerts which is not desirable, such as Operations Manager failed to start a process or Power Shell Script failed to run alerts.
Can I avoid this, please?
I believe this is occurring because I have added several instances of the Windows Computer class to a SCOM group which the custom SCOM user role has access to and believe health service is a child class of the Windows Computer host class.
Is there a way to exclude/deny access to agent-related alerts without removing the Windows Computer class instances from the group?
I am hesitant to do this because the users require access to all views and alerts related to all classes and objects used by SQL, SharePoint, IIS, Windows OS for a select group of computers and I suspect I will need to add so many class instances if I exclude Windows Computers.
Any advise is much appreciated, thanks!