We have certain users who are wanting to be able to create reports for their clients being backed up inside of Commvault. We are wanting to only allow them to view their client(s), libraries, and jobs without the capability of adding/remove/editing/creating. The Only thing we we want them to add/edit are reports that they can create for their environment and that's it.
Somehow back in May they were able to stop one of their jobs due to it causing a connection issue to the client causing a network traffic. this was an illegal operation which they performed, and my managment was not happy. I have attached their role profile. I am confused as to how they were able to perform this action based on the role settings. Any help as to get to the reult of what we are looking for is greatly appreciated.
Best answer by Mike Struening RETIRED
Sharing case solution:
Solution:
11.24.32
Issue -------- User account have unexpected permissions. Troubleshooting/Findings -------------------------- - User account is able to suspend and kill a job, the expectation is that they are not able to do this. - Created a test user and assigned the user to the group - The test user was unable to kill a job. - Navigated to user > right click> properties. - The user in question has master role associated to the client group which allows the user permissions to kill or suspend a job. Reconvened on a remote session ------------------------------- - User was unable to add dataset to a report when creating a report or editing a report. - Navigated to the user account and enable the "Developer tools" permissions. - Enabled "Dataset" "DataSource" "Reports" "Table" - Enabled user to see all entities from the commcell level. - User attempted to edit the report, user can now see the database and data source.
From that view I wouldn’t expect the behavior you encountered. Can you please create a new support incident for us to investigate further and share that incident number here for tracking?
During case creation please also upload your Commserve logs, and Commserve database with latest database and include in the case details the role, group, user example and behavior that you observed,
Created Incident 220623-657, basilly word foro word copied my question here for the forums, and sent the attachments and pictures over as well. will keep this forum page posted. Thanks for the help so far.
So turns out i had some manual associations also tacked unto the profiles of the individuals within that role that gave them master privilege's over jobs that they were able to see. We removed these manual entities, and the roles are working, except we now have a problem that we are awaiting results back from a Commvault rep, but want to throw this in here and see if you guys know what's causing it.
I have attached a report that one of the members is
he now can no longer see the Dara Sources, Databases and tables when creating a report for his tasks in the Commvault Reports on the Command Center (Attached screenshot). I used the test account to verify his claims and the role does not allow to see the Data sources, databases and tables. The role says he has access to all avenues of the reports, but this is not showing. I have attached a screen shot for further review.
Issue -------- User account have unexpected permissions. Troubleshooting/Findings -------------------------- - User account is able to suspend and kill a job, the expectation is that they are not able to do this. - Created a test user and assigned the user to the group - The test user was unable to kill a job. - Navigated to user > right click> properties. - The user in question has master role associated to the client group which allows the user permissions to kill or suspend a job. Reconvened on a remote session ------------------------------- - User was unable to add dataset to a report when creating a report or editing a report. - Navigated to the user account and enable the "Developer tools" permissions. - Enabled "Dataset" "DataSource" "Reports" "Table" - Enabled user to see all entities from the commcell level. - User attempted to edit the report, user can now see the database and data source.
We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.
