How do I troubleshoot permission conflicts?
NetIQ Vulnerability Manager 5.0
NetIQ Vulnerability Manager 5.5
Console users receive permissions from assigned roles as well as individual permissions you explicitly allow or deny. Permissions explicitly assigned to a console user override permissions implicitly granted through roles.
The following table shows how the default permissions are applied in response to particular permission settings. Use this table to help you identify and resolve permission conflicts and inheritance.
If you assign . . . Permission is set to . . . _____________________________________________________________________________________________
No permissions Deny
One or more permissions that allow the same activity Allow
One or more permissions that deny the same activity Deny
One permission that allows the activity and another permission Deny
that denies the same activity
One or more permissions set on a category of tasks, reports Allow or deny each task, report, or action in the
or actions category
One or more permissions set on a group of endpoints Allow or deny activities fo.
r each endpoint in the
One or more permissions set on a group of endpoints that Allow or deny activities for each endpoint in
contain the same endpoint the parentgroup
Conflicting permissions set on two or more groups that contain Deny
the same endpoint
Two or more roles that contain conflicting permissions for the Deny
If you assign permissions to a group of endpoints, and then later add a child group, those permissions are applied to the endpoints in the child group.
If you assign permissions to one or more activities in a category, and then later assign additional permissions to the entire category, both sets of permissions are applied. If the permissions assigned to the category conflict with the permissions assigned to the activities, the permissions assigned to the category get applied.
This information is also in Chapter 6 of the NetIQ Vulnerability Manager5.0 User Guide and Chapter 5 of the NetIQ Vulnerability Manager 5.5 User Guide.