Assign User to Remote Tools Operator in SCCM 2016.

To avoid assigning a security role that grants more permissions than the users require.

you can create a custom security role by creating a copy of an existing security role, and then modifying the copy.

In this post I am going to delegate SCCM permissions by using a custom security role,

that can grant a group of users the Remote Tools Operator role in SCCM.

Create a new custom security role

In the Configuration Manager console, choose Administration.

In the Administration workspace, expand Security, and then choose Security Roles.

 

Select Remote Tools Operator role that you want to modify

On the Home tab, in the Security Role group, choose Copy. This action creates a copy of Remote Tools Operator role.


In the Copy Security Role wizard, specify a Name for the new custom security role. “Help Desk Operator”

In Security operation assignments, expand each Security Operations node to display the available actions.

To change the setting for a security operation, choose the down arrow in the Value column, and choose Yes.

After you configure the permissions, choose OK to save the new security role

To create a new administrative user

In the Configuration Manager console, choose Administration.


In the Administration workspace, expand Security, and then choose Administrative Users.

On the Home tab, in the Create group, choose Add User or Group.


 

Choose Browse, and then select the user account or group to use for this new administrative user. “Help Desk”


For Associated security roles, choose Add to open a list of the available security roles, check the box for Help Desk Operation security roles, and then choose OK.


Choose the Security Scopes tab to confirm that the user is configured for Only the instances of objects that are assigned to the specified security scopes and collections.


To assign additional security roles to this user, choose Add, check the box for additional security role that you want to assign, and then choose OK.


To configure security scopes for an object

In the Configuration Manager console, choose Administration.


In the Administration workspace, expand Security, and then choose Security Scopes


On the Home tab, in the Create Security Scopes, choose Create Security Scope and Give the scope a name.


You are good to go


Configure the default client settings

In the Configuration Manager console, choose Administration > Client Settings > Default Client Settings.


On the Home tab, choose Properties.

In the Client Settings window go to the Remote Tools section. By default, remote connections are disabled.

To enable this option, click on Enable Remote Control on client computer.

Also, you need to specify the firewall profiles for which you want to allow the connection via Remote Tools.


Specify Remote Control Settings

Users can change policy or notification settings in Software Center: No

Allow Remote Control of an unattended computer: Yes

Prompt user for Remote Control permission: No


 

To allow specific users and groups to connect to user’s desktops, click on the Set Viewers button and add the group/user names to the list.



2 thoughts on “Assign User to Remote Tools Operator in SCCM 2016.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s