ZAC does not respect admin rights for workstation registration

  • 3742470
  • 03-Apr-2008
  • 27-Apr-2012


Novell ZENworks 10 Configuration Management


An administrator that only has rights to a subset of the devices hierarchy can register devices in folders that they are not authorised to manage


This is working as designed.

Additional Information

ZAC's only reason for asking for credentials is to ensure that the person running the ZAC command is an administrator. Those credentials are not passed in as part of the registration request as registration does not require any authentication. If it did it would defeat the purpose of registration which is to get the device registered so long as it matches a rule, or a correct key is used.
To enhance security, you should ensure that only authorised people have access to registration keys, and that Default Registration rules are disabled.