When SquaredUp connects to SCOM, it does so using the end user's credentials. This means that all SCOM data in SquaredUp is subject to SCOM's role-based access control (RBAC). For example, if a user views a dashboard of "All Windows Computers", the actual computers shown on the dashboard will be limited to those that the user has permissions to view.
Actions in SquaredUp are also subject to SCOM RBAC. The different SCOM roles have permissions as follows:
- Administrators can edit, create and delete dashboards in SquaredUp, manage alerts, manage maintenance mode and run tasks.
- Authors can edit Company Knowledge.
- Advanced Operators have the same permissions as Operators.
- Operators can manage alerts, manage maintenance mode and run tasks. See How to allow SCOM Operators to edit Company Knowledge
- Read Only Operators can view data, but cannot manage alerts, maintenance mode or run tasks.
Note that, when users access an Open Access dashboard it is unauthenticated, so SquaredUp uses the application pool identity to access SCOM, and so the user's RBAC does not apply.