Hi,
I am trying to give our helpdesk access so they can right click a computer object in the console and edit the Users Primary Device. They have the option to right click and select "Edit Primary Users", but when typing in Domain\Username it doesnt populate with any usernames?
Its almost as though they dont have rights to search AD for the usersnames in our domain.
I am full administrator so it works fine for me.
I have set the following permissions for our helpdesk and thought this would be enough:
Collection = Read, Modify, Remote Control, Modify Resource, Delete Resource, Read Resource, Modify Collection Setting, Control AMT
Site = Read, Import Computers
User Device Affinities = Read, Modify, Delete, Create, Run Report, Modify Report
Helpdesk all have appropriate rights in AD so its definitely something within SCCM 2012 RBAC causing the issue, any ideas ?
Note: I already have automatic UDA in place but it takes the agent a week to pick this up so need a manual of doing this too.
Thanks