Re: AMP for Endpoint Unprivileged User

enversingh · ‎06-06-2019

Hi, In AMP for Endpoints I've created an account without Administrative privileges and only granted access to a few groups, no policies or any other lists. Allow user to fetch file and command line data is unchecked.

When i log into the console with the user account, I'm able to see the groups however I'm able to then delete devices within those groups and move devices to other groups.

My aim is to create a read/view only account.

Any help/thoughts?

Troja007 · ‎06-07-2019

Hello @enversingh,

AMP console works here as expected. You can take a look into the AMP help directly in the AMP and searching for "Unprivileged Users". The article describes the user management in detail.

We are highly interested into Feedback. So please, get in contact with your Cisco representative to add a Feature Request.

Cheers,

Thorsten

enversingh · ‎06-09-2019

hi Thorsten

I've attached a screenshot of the settings/permissions of the user I've created. As you will see the only setting chosen is for Groups. I've been through the Help section prior to the post.

Regards

Enver

Troja007 · ‎06-11-2019

Thanks for the screenshot.

As described in my previous answer, looks like AMP console works as expected. The only thing we can do are.

1) maybe TAC has additional information.

2) Talking to your Cisco Representative to open a Feature Request.

Greetings,

Thorsten

EnverSingh7603 · ‎06-11-2019

Thanks I've opened a case with the TAC.

Troja007 · ‎06-11-2019

Hello @EnverSingh7603,

would be great to know what TAC answered for this.

Greetings,

Thorsten