06-06-2019 05:06 PM - edited 02-20-2020 09:09 PM
Hi, In AMP for Endpoints I've created an account without Administrative privileges and only granted access to a few groups, no policies or any other lists. Allow user to fetch file and command line data is unchecked.
When i log into the console with the user account, I'm able to see the groups however I'm able to then delete devices within those groups and move devices to other groups.
My aim is to create a read/view only account.
Any help/thoughts?
06-07-2019 02:17 AM
Hello @enversingh,
AMP console works here as expected. You can take a look into the AMP help directly in the AMP and searching for "Unprivileged Users". The article describes the user management in detail.
We are highly interested into Feedback. So please, get in contact with your Cisco representative to add a Feature Request.
Cheers,
Thorsten
06-09-2019 01:37 AM - edited 06-09-2019 01:38 AM
06-11-2019 12:24 AM
Thanks for the screenshot.
As described in my previous answer, looks like AMP console works as expected. The only thing we can do are.
1) maybe TAC has additional information.
2) Talking to your Cisco Representative to open a Feature Request.
Greetings,
Thorsten
06-11-2019 12:39 PM
Thanks I've opened a case with the TAC.
06-11-2019 10:44 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide