Share via


Prerequisites for Compliance Settings in Configuration Manager

 

Updated: May 14, 2015

Applies To: System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 Configuration Manager SP2, System Center 2012 R2 Configuration Manager, System Center 2012 R2 Configuration Manager SP1

Compliance settings in System Center 2012 Configuration Manager has the following dependencies within the product.

Configuration Manager Dependencies

Dependency

More information

Clients must be enabled and configured for compliance evaluation.

Before you can use compliance settings, you must enable and configure client settings. For more information, see Configuring Compliance Settings in Configuration Manager.

Reporting point site system role must be installed and configured.

The reporting point site system role must be installed and configured before compliance settings reports can be displayed. For more information, see Configuring Reporting in Configuration Manager.

Specific security permissions must have been granted to manage compliance settings.

You must have the following security permissions to manage compliance settings:

  • To view and manage alerts and reports for compliance settings: Create, Delete, Modify, Modify Report, Read, and Run Report for the Alerts object.

  • To manage configuration baseline deployments: Deploy Configuration Items, Modify Client Status Alert, Modify, Read, and Read Resource for the Collection object.

  • To create and manage configuration baselines and configuration items: Create, Delete, Modify, Modify Folder, Modify Report, Move Object, Read, Run Report, and Set Security Scope permission for the Configuration Item object.

  • To run queries related to compliance settings: Read permission for the Query object.

  • To view compliance settings information in the Configuration Manager console: Read permission for the Site object.

  • To select software updates to be used in configuration baselines: Read permission for the Software Updates object.

  • To view status messages for compliance settings: Read permission for the Status Messages object.

  • For System Center 2012 Configuration Manager SP1 and later:

    To manage user data and profiles configuration items: Author Policy, Modify Report, Read and Run Report for the Settings for user data and profile management object.

The Compliance Settings Manager security role includes these permissions that are required to manage compliance settings in Configuration Manager.

For more information, see the Configure Role-Based Administration section in the Configuring Security for Configuration Manager topic.