7 Replies Latest reply on Sep 8, 2015 2:55 AM by l.mendoza

    UDT White List requires Admin?

    reylas

      We are currently using UDT and whitelisting, but have run across an issue.  I have tried everything I could, and found that only someone with full admin rights to the entire solarwinds package can manage a white list (or watch list).   We have another department that only uses UDT, so it is a real pain to have to give them full rights.

       

      Am I missing something?  Is there another way to manage white lists without being an admin?

       

      Thanks,

      Mark S.

        • Re: UDT White List requires Admin?
          itforensicsphil

          If anything I would say that UDT should be used by a IT security team. The whitelist is meant to allow or not allow devices as specified. I wouldn't want anyone being able to white list stuff.

            • Re: UDT White List requires Admin?
              reylas

              Since the whitelist technically does nothing but alerts (no auto shutdown), I do not see why this should be the case.   We use whitelists to alert us to when a new mac address appears on the network.   Why should it take an admin of netflow, NPM, SAM and what not to handle this job function.

               

              I now have several people who are total admins (no way around) that only handle that job function daily.   I should be able to assign that part to a "security team" and not worry about them having access to my SQL servers.

               

              Mark S.

                • Re: UDT White List requires Admin?
                  itforensicsphil

                  If they are a security team this is a tool for them, and why would it matter if they get admin rights for this? I would think they should seens how thats what I am doing with it. Also, you stated you dont want to worry about them having access to your SQL servers? How would they?

                    • Re: UDT White List requires Admin?
                      reylas

                      Because they are a security team for *their* area which is voice and communications.   They have no business and no skill set that they need to be an admin in the rest of Solarwinds.    NCM has a setting that allows admin for only the NCM piece.   For my company, UDT needs to be the same way.

                       

                      I realize that you may work in a company that does not need this, but that does not mean your way is the only way or the right way.   Auditors for my company demand only access to what you need.   Solarwinds has done it for parts of the software but not all.   One setting would allow us both to set it the way we need.

                      • Re: UDT White List requires Admin?
                        reylas

                        Because being an admin makes them able to do anything they want or think they need in SAM.   SAM monitors my SQL servers.  

                  • Re: UDT White List requires Admin?
                    peter.ksenzsigh

                    Hi Mark,

                    yes, you trully need admin rights in order to manage whitelists. One workaround which I can imagine would be putting UDT on a separate server.

                    Peter

                    • Re: UDT White List requires Admin?
                      l.mendoza

                      Hello Mark.

                       

                      Yup. You have to have admin rights before you can do white listing. 

                      This is one of my issue before with my client. Different admins of modules from different team. But all of the modules were installed in one server.

                       

                      I guess, it's a limitation again at the moment.

                       

                      I agree with peter.ksenzsigh. However, this must be clear with the client prior to deployment. Because it would entail another server for them.