The Community is now in read-only mode to prepare for the launch of the new Flexera Community. During this time, you will be unable to register, log in, or access customer resources. Click here for more information.
Hi
Something weird happened in FNMS
I've found a new possible role in the list that should not be there. Maybe some other user of FNMS has been able in some way to create it, so now for inventored targets it is possible to apply this new role.
Since I was thinking is not possible to create new roles, I'm wondering how this happened and if it is possible in some way to create new roles in FNMS.
Thanks
Nov 15, 2020 08:06 PM - last edited on Nov 16, 2020 05:24 AM by ChrisG
(Always take a backup before running any deletions!)
1) Use the following SQL to find out the ComplianceComputerRoleID associated with the bad role:
SELECT * FROM ComplianceComputerRole
2) Use the following SQL to ensure that there are no inventory devices that are currently using this bad role:
SELECT * FROM ComplianceComputer WHERE ComplianceComputerRoleID = <ID from previous step>
3) Assuming 0 results from step 2, simply use:
DELETE FROM ComplianceComputerRole WHERE ComplianceComputerRoleID = <ID from step 1>
If you got > 0 results in step 2, then please assign a correct role to those machines before removing the bad role.
Nov 16, 2020 05:36 AM
Hi @marcog ,
Can you be more specific, because you are talking of 2 separate things and I'm a little bit lost.
A role is when you created customize access to a user, like you create a role that have access only to inventory, and to a specific corporate unit, etc.
Roles can be created only with administrative rights.
Then you speak about targets, targets are related to inventory, etc. With a specific role you can have access or not to targets.
So where is your problem, some one created a new list of targets?
Nov 16, 2020 02:02 AM
Hi @marcog,
Are you perhaps referring to 'device role' on an inventory device object?
These can be created by business adapter imports, or by direct updates to the table ComplianceComputerRole. I would say that the former is more likely.
From my test environment, seems that there are 8 OOTB device roles, as pictured below. Do you have more than that?
HTH,
Joseph
Nov 16, 2020 03:16 AM
Nov 16, 2020 05:12 AM
(Always take a backup before running any deletions!)
1) Use the following SQL to find out the ComplianceComputerRoleID associated with the bad role:
SELECT * FROM ComplianceComputerRole
2) Use the following SQL to ensure that there are no inventory devices that are currently using this bad role:
SELECT * FROM ComplianceComputer WHERE ComplianceComputerRoleID = <ID from previous step>
3) Assuming 0 results from step 2, simply use:
DELETE FROM ComplianceComputerRole WHERE ComplianceComputerRoleID = <ID from step 1>
If you got > 0 results in step 2, then please assign a correct role to those machines before removing the bad role.
Nov 16, 2020 05:36 AM
Thank you, much appreciated
Nov 16, 2020 05:38 AM
Nov 16, 2020 05:39 AM
@marcog, I just tried in my test environment using:
INSERT INTO ComplianceComputerRole (ResourceName, DefaultValue, ManageLicenses)
VALUES ('ComplianceComputerRole.NewRole', 'NewRole', 1)
...but received a FK constraint error:
The INSERT statement conflicted with the FOREIGN KEY constraint "FK_ComplianceComputerRole_ResourceString". The conflict occurred in database "FNMSCompliance", table "dbo.ComplianceResourceString", column 'ResourceString'.
...so, I guess not. This makes sense, now that I think about it.
So, looks like your culprit was most likely a business adapter.
Nov 16, 2020 05:45 AM
Nov 16, 2020 06:25 AM
Nov 16, 2020 05:13 AM
@marcog - I have changed the subject on the first message in this thread to explicitly refer to device roles.
Nov 16, 2020 05:25 AM
Hi,
I can confirm that via business adapter you can created new roles in inventory part.
Nov 16, 2020 05:56 AM