SCCM Permissions

~~Für~~You ~~die~~do ~~Arbeit~~not ~~mit~~need ~~dem~~a Configuration Manager Console to work with the SCCM Application Manager. However, the SCCM Application Manager ~~wird~~is ~~keine~~an ~~Configuration~~administrative ~~Manager~~tool ~~Konsole~~that ~~benötigt.~~allows ~~Dennoch:~~you ~~Der~~to create, edit, or delete different SCCM ~~Application~~objects. ~~Manager~~Therefore, ~~stellt~~the ~~ein~~ ~~administratives Tool~~ ~~dar, mit dem es möglich ist, unterschiedliche SCCM-Objekte anzulegen, zu bearbeiten oder zu löschen. Daher sind, wie bei der Arbeit mit der Configuration Manager Konsole auch, folgende~~following administrative ~~Berechtigungen~~permissions ~~innerhalb~~are ~~von~~required ~~SCCM~~within ~~notwendig:~~SCCM:

~~Applikation~~Application: ~~Lesen;~~Read; ~~Ändern;~~Modify; ~~Löschen;~~Delete; ~~Festlegen~~Set ~~des~~Security ~~Sicherheitsbereichs;~~Scope; ~~Erstellen;~~Create; ~~Genehmigen;~~Approve; ~~Objekt~~Move ~~verschieben;~~Object; ~~Ordner~~Modify ~~ändern;~~Folder; ~~Bericht~~Run ~~ausführen;~~Report; ~~Bericht~~Modify ~~ändern~~Report
~~Sammlung~~Collection: ~~Lesen;~~Read; ~~Ändern;~~Modify; ~~Löschen;~~Delete; ~~Fernbedienung;~~Remote ~~Ressource~~Control; ~~ändern;~~Modify ~~Ressource~~Resource; ~~löschen;~~Delete ~~Erstellen;~~Resource; ~~Gesammelte~~Create; ~~Dateien~~View ~~anzeigen;~~Collected ~~Ressource~~File; ~~lesen;~~Read ~~Objekt~~Resource; ~~verschieben;~~Move ~~Bereitstellen~~Object; ~~von~~Deploy ~~Paketen;~~Packages; ~~Überwachungssicherheit;~~Audit ~~Bereitstellen~~Security; ~~von~~Deploy Client ~~Einstellungen;~~Settings; ~~Ordner~~Modify ~~ändern;~~Folder; ~~Sicherheit~~Enforce ~~erzwingen;~~Security; ~~Bereitstellen~~Deploy ~~von~~Antimalware ~~Antimalware-Richtlinien;~~Policies; ~~Bereitstellen~~Deploy ~~von~~Applications; ~~Anwendungen;~~Modify ~~Sammlungseinstellung~~Collection ~~ändern;~~Setting; ~~Bereitstellen~~Deploy ~~von~~Configuration ~~Konfigurationselementen;~~Items; ~~Bereitstellen von~~Deploy Task ~~Sequenzen;~~Sequences; ~~Kontroll~~Control AMT; ~~Bereitstellung~~Provision AMT; ~~Bereitstellen von~~Deploy Software Updates; ~~Bereitstellen~~Deploy ~~von~~Configuration ~~Konfigurationsrichtlinien;~~Policies; Modify Client Status ~~Warnung ändern~~Alert
~~Verteilungspunkt~~Distribution Point: ~~Lesen,~~Read; ~~Auf~~Copy ~~Verteilungspunkt~~to ~~kopieren~~Distribution Point
~~Verteilungspunktgruppe~~Distribution Point Group: ~~Lesen;~~Read; ~~Auf~~Copy ~~Verteilungspunkt~~to ~~kopieren~~Distribution Point
~~Paket~~Package: ~~Lesen;~~Read; ~~Ändern;~~Modify; ~~Löschen;~~Delete; ~~Festlegen~~Set ~~des~~Security ~~Sicherheitsbereichs;~~Scope; ~~Erstellen;~~Create; ~~Objekt~~Move ~~verschieben;~~Object; ~~Ordner~~Modify ~~ändern;~~Folder; ~~Bericht~~Run ~~ausführen;~~Report; ~~Bericht~~Modify ~~ändern~~Report
~~Rolle~~Role: ~~Lesen~~Read
Site: ~~Lesen~~Read
~~Ordner~~Folder (abrequired ~~Version~~from ~~1906~~version ~~erforderlich)~~1906): ~~Lesen;~~Read; ~~Ändern;~~Modify; ~~Löschen;~~Delete; ~~Erstellen~~Create
~~Und~~And ~~natürlich:~~of course: ~~Der~~The ~~aktuelle~~current ~~Benutzer~~user ~~darf~~must ~~nicht~~not ~~auf~~be ~~Instanzen~~limited ~~der~~to ~~Objekte~~instances ~~beschränkt~~of ~~werden,~~the ~~die~~objects ~~sich~~that ~~auf~~are ~~die~~related ~~zugewiesenen~~to ~~Sicherheitsrollen~~the ~~beziehen.~~assigned security roles.

~~Die~~The ~~Bereitstellung~~easiest ~~dieser~~way ~~Rechte~~to ~~erfolgt~~grant amthese ~~einfachsten~~rights ~~durch~~is ~~den~~to ~~Import~~import ~~einer~~a ~~Sicherheitsrolle~~security ~~innerhalb~~role ~~der~~from within the Configuration Manager ~~Konsole:~~Console:

~~Für~~The ~~den~~following ~~Import~~XML ~~dieser~~file ~~Sicherheitsrolle~~can ~~kann~~be ~~dazu~~used ~~folgende~~to ~~XML-Datei~~import ~~verwendet~~this ~~werden:~~security role:

<SMS_Roles>
	<SMS_Role CopiedFromID="SMS0001R" RoleName="SCCM Application Manager" RoleDescription="SCCM Application Manager Security Role">
		<Operations>
			<Operation GrantedOperations="1342176935" ObjectTypeID="1" />
			<Operation GrantedOperations="805446679" ObjectTypeID="2" />
			<Operation GrantedOperations="1" ObjectTypeID="6" />
			<Operation GrantedOperations="1" ObjectTypeID="27" />
			<Operation GrantedOperations="805448727" ObjectTypeID="31" />
			<Operation GrantedOperations="9" ObjectTypeID="42" />
			<Operation GrantedOperations="9" ObjectTypeID="43" />
			<Operation GrantedOperations="1031" ObjectTypeID="226" /> <!-- Ab Version 1906 erforderlich -->
		</Operations>
	</SMS_Role>
</SMS_Roles>

~~Anschließend~~Then, ~~wird~~create ~~innerhalb~~a ~~der~~new user or group within the Configuration Manager ~~Konsole~~Console ~~ein~~to ~~neuer~~which ~~Benutzer~~the ~~(Gruppe)~~new ~~angelegt,~~security ~~dem~~role ~~die~~and ~~vorgenannte~~the ~~Sicherheitsrolle~~security ~~und der Sicherheitsbereich~~scope ~~All~~all instances of the ~~objects[~~objects [...] ~~zugewiesen~~are ~~werden:~~assigned:

~~Mit~~With ~~dem~~the ~~Button~~button Check SCCM Permissions ~~kann~~you imcan ~~SCCM~~check ~~Application~~at ~~Manager~~any ~~jederzeit~~time ~~überprüft~~whether ~~werden,~~the obrequired ~~die~~permissions ~~benötigten~~have ~~Rechte~~been ~~vergeben worden sind.~~assigned.