Controlling access to MOM consoles

  • Article

Applies To: Forefront Client Security

You can use the information in this topic to grant and revoke access to the MOM Operator console and the MOM Administrator console.

Controlling access to the MOM Operator console

The Client Security Administrator and Alerts Manager user roles require access to the MOM Operator console.

To grant a user or group access to the MOM Operator console

  1. Using an account that has local administrator privileges, log on to the collection server.

  2. Access Administrative Tools and click Computer Management.

  3. Under Computer Management, open System Tools, open Local Users and Groups, and click Groups.

  4. Under Name, double-click Mom Users.

  5. Add the user or group that should have access to the MOM Operator console, and then click OK.

  6. If you want to allow the user or group to have remote access to the MOM Operator console, under Name, double-click Distributed COM Users.

  7. Add the user or group that should have access to the MOM Operator console, and then click OK.

To revoke user or group access to the MOM Operator console

  1. Using an account that has local administrator privileges, log on to the collection server.

  2. Access Administrative Tools and click Computer Management.

  3. Under Computer Management, open System Tools, open Local Users and Groups, and click Groups.

  4. Under Name, double-click Mom Users.

  5. Select the user or group whose access you want to revoke.

  6. Click Remove, and then click OK.

  7. Under Name, double-click Distributed COM Users.

  8. If the user or group whose access you want to revoke is listed in the dialog box that appears, select the user or group, click Remove, and then click OK.

Controlling access to the MOM Administrator console

To control Client Security Administrators' access to the MOM Administrator console, use the following procedures to grant or revoke that access.

To grant a user or group access to the MOM Administrator console

  1. Using an account that has local administrator privileges, log on to the collection server.

  2. Access Administrative Tools and click Computer Management.

  3. Under Computer Management, open System Tools, open Local Users and Groups, and click Groups.

  4. Under Name, double-click Mom Authors.

  5. Add the user or group that should have access to the MOM Administrator console, and then click OK.

  6. Under Name, double-click Distributed COM Users.

  7. Add the user or group that should have access to the MOM Administrator console, and then click OK.

To revoke user or group access to the MOM Administrator console

  1. Using an account that has local administrator privileges, log on to the collection server.

  2. Access Administrative Tools and click Computer Management.

  3. Under Computer Management, open System Tools, open Local Users and Groups, and click Groups.

  4. Under Name, double-click Mom Authors.

  5. Select the user or group whose access you want to revoke.

  6. Click Remove, and then click OK.

  7. Under Name, double-click Distributed COM Users.

  8. Select the user or group whose access you want to revoke.

  9. Click Remove, and then click OK.