Creating and Managing Administrative Users
Full-Access Members Only
Sorry, this lesson is only available to Server Academy Full-Access members. Become a Full-Access member now and get instant access to this and many more premium courses. Click the button below and get instant access now.
Instructions
Q&A (0)
Notes (0)
Resources (0)
Saving Progress...
Resources
There are no resources for this lesson.
Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.
In this lecture you are going to learn how to create and manage your SCCM administrative users and groups.
In the SCCM console, navigate to Administration > Security > Administrative Users:
Inside the right pane you will see your administrative users and groups. Here you can right-click existing users to edit, refresh or remove them:
Right-click the default Administrator account and select Properties:
Here you will see three tabs; General, Security Roles and Security Scopes. General simply lists basic identifiable information about the user account. Security Roles allows you to define how much control you want the user or group to have. In this case, we can see that this user is a Full Administrator.
The Security Scopes tab allows you to define what objects the user will have “Full Administrator” permissions.
In small networks you would probably just go with the first option of All instances of the objects that are related to the assigned security roles. This associates the user with the All security scope as well as the All Systems and All Users and User Groups collections.
Selecting Only the instances of objects that are assigned to the specified security scopes and collections will associate the user with the Default security scope as well as the All Systems and All Users and User Groups collections. The main difference here is that this time the security scopes will be limited to that of the user account you used to create the account.
The Associate assigned security roles with specific security scopes and collections allows you to create specific associations between desired security roles and security scopes and collections.
Click Cancel and close the properties dialog. Now either select Add User or Group or right-click in the white pane below and select Add User or Group.
Now let’s define the following settings:
- User or group name: SCCM Admins
- Assigned security roles: Full Admin
- Assigned security scopes and collections: All instances of the objects that are related to the assigned security roles
Now you will see the new AD group listed here with the “Full Administrator” security role:
Since we added an AD security group, this means any members of that group will now have Full Administrator permissions inside of SCCM.
Server Academy Members Only
Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.
