RBA Gotcha Resolved in SCCM 2012 R2 Newly Installed DP is Not Visible in Console

I had blogged about a number of Role Based Administration Gotchas ConfigMgr SCCM 2012 SP1 RBA Gotchas and Implementation Guide. One of my topic in that is Newly installed DP is Not Visible for Infrastructure Administrator more details here.

This issue is taken care by Microsoft and  got resolved after upgrading to SCCM ConfigMgr 2012 R2. The good new is, now, Role Based Administration (RBA) in SCCM 2012 R2 respects the security scope of the CM 12 administrator who installs the DP role. The installed DP will get assigned to the security scope of the administrator who installed the DP.

Earlier all the installed DPs were assigned to DEFAULT security scope and that was not ideal situation when you’ve very complex environment with CAS and loads of primaries.  

This change in SCCM 2012 R2 makes much more sense!!! 

Scenario before SCCM ConfigMgr 2012 R2

1. SCCM 2012 Infrastructure administrator installs a new remote DP under a primary site on which he has infrastructure Administrator security access along with location specific security scope (more detailed about security scope scenario is explained here). 

2. DP installs successfully but it won’t be visible for SCCM 2012 admin in his console.

3. Where as SCCM 2012 CAS full administrator can view the DP and it’s installation status etc…

4. When an Infrastructure administrator installs a DP, the security scope of DP is automatically set to “DEFAULT“. If you’ve created different security scopes for different regions or country administrators then the regional administrators won’t be able to manage the installed DP. So the workaround was to inform CAS admin whenever there is any new DP installed in regional locations.

Happy that this issue got resolved in SCCM ConfigMgr 2012 R2 !!

Sharing is caring!

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.