Can the feature of Read-Only site be added to the roadmaps? The intent is that high security/uptime systems (ie ATMs) should be audited by the enterprise security site but not have any fixlets/tasks deployed from this site. Custom sites would need to roll to these systems so locking it is not really an ideal option.
Imaging 2 groups of systems (group A and group B). Grp A has software with a vendor who certifies each MS patch for their software and effectively releases a ‘re-wrapped’ patch which includes the patch and their compatibility tweaks. Group B is a regular old windows system. I want GRP A to not be able to run fixlets from enterprise security, but be audited against it so we can tell where they are in the patching of those systems, while still retain the ability to patch group B. Locking the client doesnt fit our need since we must be able to deploy the vendor’s patch re-wraps to the systems in group A.
Using “Tools > Manage Sites”, you can control if people can view Fixlet sites, but there isn’t a way to make them read-only (except for custom sites, but in this case “read-only” means that you can’t make new Fixlets in the site).
Perhaps you could give the users console access for the computers they wish to manage and then web reports access for the ATMs?
You could give them two console operator accounts, one with rights only on group A and one with only rights on group B. For group B, don’t give the console operator the propagation keys for their account, only give them the database username/pass. You can bypass the key check when logging into the console by holding down the control key when you click ok. They will be able to view everything in the console but will not be able to propagate any changes because they won’t have the necessary keys.