https://technet.microsoft.com/en-us/library/mt592917.aspx#bkmk_planCol
This doesn't fit the bill? On Thu, Oct 6, 2016 at 1:52 PM, Murray, Mike <mmur...@csuchico.edu> wrote: > I don’t see a role that fits. :/ > > > > *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Adam Juelich > *Sent:* Thursday, October 6, 2016 10:56 AM > *To:* mssms@lists.myitforum.com > *Subject:* Re: [mssms] Allowing staff to add computers to collection > > > > Can't you utilize Role-Based Administration on a Security Group / > Collection level? > > > > On Thu, Oct 6, 2016 at 12:23 PM, Murray, Mike <mmur...@csuchico.edu> > wrote: > > CM2012. I’d like to allow certain staff members to add computers to a > collection. I found this article: https://social.technet. > microsoft.com/Forums/en-US/c9d7531c-c8e1-4b0f-ab95-5a9ec5207e41/sccm-2012- > security-to-allow-users-to-add-resource-to-a-collection? > forum=configmanagersecurity > > > > It says the below, which is confusing me. Can someone clear this up and > let me know if this is a good idea? > > > > Here is a solution that should work for you. Perform this on a test > account with only the security role you are going to change for your users > in question. > > 1. Create a new collection that is a copy of your collection limiting > collection mentioned above. > 2. Set the limiting collection of this new collection to something > other than the limiting collection it defaults to, which is the copied > collection. > 3. Select the collections to which you wish to grant Add Resource > permissions to and set their limiting collection to this new collection. > 4. Within your Administrative user or group properties, specify this > new limiting collection and the collections you wish to allow Add Resource > permissions under the "Associate assigned security roles with specific > security scopes and collections - don't forget to add your security scope. > 5. Apply the changes and test - don't forget to restart the console of > your test account. > > This does a couple things - it allows the Add Resource function to the > specific collections you wish for the specific Administrative user/group > you wish. It does NOT allow modify on the limiting collection. And it > separates the specific collections you tag as being modifiable by the > specified group. > > > > > > > > Best Regards, > > > > Mike Murray > > Desktop Engineer/IT Consultant - IT Support Services > > California State University, Chico > > 530.898.4357 > mmur...@csuchico.edu > > > > Remember, Chico State will NEVER ask you for your password via email! > > For more information about recognizing phishing scam emails go to: > http://www.csuchico.edu/isec/basics/spam-and-phishing.shtml > > > > > > > > > >
