Environment
Novell
ZENworks 10 Configuration Management
Situation
An administrator
that only has rights to a subset of the devices hierarchy can
register devices in folders that they are not authorised to
manage
Resolution
This is working
as designed.
Additional Information
ZAC's only
reason for asking for credentials is to ensure that the person
running the ZAC
command is an administrator. Those credentials are not passed in as
part of the registration request as registration does not require
any authentication. If it did it would defeat the purpose of
registration which is to get the device registered so long as it
matches a rule, or a correct key is used.
To enhance
security, you should ensure that only authorised people have access
to registration keys, and that Default Registration rules are
disabled.