Remove Read Permissions Globally - BES Support

The BES Support site is the only site for which we cannot control Operator read access. This site has “Grant read permissions globally” enabled by default and grayed out, preventing us from unchecking the box. Has anyone been successful in hiding this site? I see a 9-year-old post to change the setting in SQL here:

[BFEnterprise].[dbo].[EXTERNAL_SITE_VISIBILITY]

We are not comfortable making this change unless others have implemented it without any impact and it is recommended by HCL support. Along with removing access to the fixlets and tasks, we want to prevent operators from using the “Windows Software Distribution Wizard” in the BES Support site.

Thank you!

If I remember correctly if you are using the Console there are components which are essential for it to work and because of that you can’t remove the read permission.

If the users are no-MO, you can delegate permissions to specific WebUI apps and with that you can hide the BES Support - custom, patch, workflow - App permissions granted to user - Customer Support
And of course you can provide them a Custom Site