|Applies To||Authentication Manager 7.1X and APP 3.0X|
|Issue||error: "Insufficient permissions" when running a report as a delegated administrator|
Users with admin role cannot run reports in RSA Authentication Manager 7.1
Error : "insufficient permissions" when trying to run reports as a delegated administrator
Note: Reports created prior to creating a new admin role should be deleted. The new Admin role should be configured first, as described in the article below, and then create the reports needed by the new admin role. Delete any old reports created before the Admin role was created.
Reports created by a user with an admin role can be run by the user that created them. To add the ability to run reports for an existing Admin role which were not created by the user trying to run them in AM 7.1 please follow these directions.
Perform these steps in the security console:
Note: If 7.1/APP 3.0 was upgraded to SP2 from base AM 7.1 then you must also enable the following items under the "General Permissions" tab of the Administrative role. In the Realm Administrator section select the ?May manage all administrators' private report jobs? item on the Report Job Manager line. In the Manage Reports section select the ?May run and manage any of the activity reports? item on the Audit Report Manager line. It has been observed that on systems installed with the AM 7.1 SP2 or SP4 full kit the Report Job Manager and the Audit Report Manager items are not required.
NOTE: Audit report manager is only available as a menu option if the scope of the role includes 'system domain'. If the admin role is locked down to a subdomain, you will not be able to add 'audit report manager'. Instead, create a new admin role, with a system domain scope, and choose only audit report manager as the option. Then, add this single-use role to the administrator (so they now have multiple roles assigned) and they will retain their original restrictions and options, but also be able to run reports.
|Legacy Article ID||a50752|