ZAC does not respect admin rights for workstation registration

  • 3742470
  • 03-Apr-2008
  • 27-Apr-2012

Environment

Novell ZENworks 10 Configuration Management

Situation

An administrator that only has rights to a subset of the devices hierarchy can register devices in folders that they are not authorised to manage

Resolution

This is working as designed.

Additional Information

ZAC's only reason for asking for credentials is to ensure that the person running the ZAC command is an administrator. Those credentials are not passed in as part of the registration request as registration does not require any authentication. If it did it would defeat the purpose of registration which is to get the device registered so long as it matches a rule, or a correct key is used.
To enhance security, you should ensure that only authorised people have access to registration keys, and that Default Registration rules are disabled.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.