RBA Gotcha Resolved in SCCM Newly Installed DP is Not Visible in Console ConfigMgr Endpoint Manager. I had blogged about a number of Role-Based Administration Gotchas ConfigMgr SCCM RBA Gotchas and Implementation Guide.
One of my topics that is Newly installed DP is Not Visible for Infrastructure Administrator more details here.
This issue is taken care of by Microsoft and got resolved after upgrading to SCCM ConfigMgr. The good news is, now, Role-Based Administration (RBA) in SCCM respects the security scope of the CM 12 administrator who installs the DP role.
RBA Gotcha Resolved in SCCM Newly Installed DP is Not Visible
The installed DP will get assigned to the security scope of the administrator who installed the DP.
Earlier all the installed DPs were assigned to DEFAULT security scope and that was not an ideal situation when you have a very complex environment with CAS and loads of primaries.
This change in SCCM makes much more sense!!!
Scenario before SCCM ConfigMgr
1. SCCM 2012 Infrastructure administrator installs a new remote DP under a primary site on which he has infrastructure Administrator security access along with location-specific security scope (more detailed about security scope scenario is explained here).
2. DP installs successfully but it won’t be visible for SCCM 2012 admin in his console.
RBA Gotcha Resolved in SCCM Newly Installed DP is Not Visible.
3. Where as SCCM CAS full administrator can view the DP and it’s installation status etc…
4. When an Infrastructure administrator installs a DP, the security scope of DP is automatically set to “DEFAULT“. If you’ve created different security scopes for different regions or country administrators then the regional administrators won’t be able to manage the installed DP. So the workaround was to inform CAS admin whenever there is any new DP installed in regional locations.
Happy that this issue got resolved in SCCM ConfigMgr!! Let me know RBA Gotcha Resolved?