MECM 2002. RBAC. Export and Import Access Level along with Scope.
I have been assigned to restrict all the activities in the SCCM Console for certain period and move the full SCCM Infrastructure to Freeze. No one should be able to deploy anything, Should not be creating application or package, Cann’t distribute anything to any DP.
I have done a lot of homework for this task and found 2 possible ways to achieve it.
- Change the client settings. Change software update on client option to NO. Screenshot given below:That way clients will not receive anything. Bit risky because if policy broken then client may not apply these settings and ultimately it will fail the whole purpose itself. Again you need to change the setting to Yes so every client can receive deployments.
- RBAC :- Well Known.
Now the challenge starts. If we use RBAC then we need to do a lot of modifications into roles and endup breaking access to SCCM Console users. Also this will be manual task and every time before the freeze i need to do it.
So i want to do it in this way.
- Export all users rights as well as access level. Remove them.
- Import the same back and replicate their earlier access level.
PS can be my next best friend but don’t know if possible from script.
I know it sounds weird but MS also raised their hand and now the ball is in your court. Any help would be appriciated. Thanks a lot in Advance.
I am on MECM 2002. Standalone Primary.