→ Celebrate SysAdmin Day 2024 with Lansweeper Enter our Giveaway here

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
FixitDave
Champion Sweeper
Problem;
After updating to v6, the default access for everybody is Admin + agent - I assume that's the highest access possible, I want to change the default to the View Assets role. I've limited access to a single AD group via web access, but everybody in that group is an admin.
For some reason, Lansweeper has made 424 users as Admin + agents out of our 4500 users...only around 20 users had access to v5 what has happened?
I'm also unable to locate AD groups within roles to change their settings.

Question 1
Can somebody let me know how to change everybody's access to the View Assets role by default and how do I assign AD security groups to roles within lansweeper.

Question 2
Can I disable showing the large brightly coloured letter when I view an AD user account?
Or at least manually edit the raw file so its not the brightest item on the screen.

Question 3
Can I remove those 424 agents and manually add AD users, or AD groups manually?

Nice update and looks great...but...see above 😞
8 REPLIES 8
Karel_DS
Champion Sweeper III
We've added the ability to use AD groups for website permissions back in version 6.0.0.22. You'll see a green globe in the Roles table on the Configuration -> User Access & Roles page. Click that and you'll be able to assign AD groups to a role. This will override roles specifically given to users, so no need to give every user separately a role any more.
LaurentV
Engaged Sweeper II
Hello Lansweeper team...

What about the update? What about the possibility to use ad groups for rights?

LaurentV
Engaged Sweeper II
WTF???

All users are administrators now... Why to suppress

Please correct as soon as possible...

I revert to old snapshot now and wait a new upgrade as soon as possible...
FixitDave
Champion Sweeper
I have 426 records in that table and I know without a doubt that I didn't add around 400 of those.
poweld1
Champion Sweeper
I noticed this problem too, I have a load of what looks like computer accounts in my tsyswebusers table.
Michael_V
Champion Sweeper III
Can you check how many records you have in table tsyswebusers: these are the users logged into version 5 which were migrated to admins.
FixitDave
Champion Sweeper
Thanks for the reply.

The only reason I could see why 424 users were added was due to the default Lansweeper access after the update....there was no restriction...So I added an AD group to the Website Access page.

Everybody who had logged into the domain (not lansweeper) post upgrade was then added with Admin+agent role...maybe this needs to be looked into?

We have a GPO on user login that reports to Lansweeper using LSClient, so it may be that tool that injected them as admins.

I only configured around 25 users to have access to Lansweeper v5, so to see 424 was quite a shock.


User access is now all set so no major outstanding issues.
Michael_V
Champion Sweeper III
- All users that were ever logged into Lansweeper (all records in table tsyswebuser) are automatically converted to Admin + Agent (your 424 users)
- You don't need to import everything from active directory, as soon as a user logs in a new user is automatically created
- By default all new users will get the "none selected..." role, this means that they can only create end-user tickets
- You will need to change the role of the 424 users manually ...(sorry about that)
- The bright icon is auto generated if the user has no picture in active directory or in the users folder.
- It is currently not possible to manage roles and permissions with AD groups but we will try to patch this in as soon as possible.