|
|
|
In This Section: |
To log into SmartProvisioning:
From the SmartConsole Menu, select SmartProvisioning.
Login administrator permissions to the SmartProvisioning Console are defined in SmartConsole or in the Check Point Configuration Tool. In SmartConsole, you can further define specific administrator permissions, such as provisioning devices with SmartProvisioning.
To edit the Permissions Profile of an administrator of SmartProvisioning:
The Administrator properties window opens.
The New Profile window opens.
Option |
Write |
Read |
Cleared |
|---|---|---|---|
SmartLSM Gateway Database |
Add, edit, delete, assign provisioning profiles to gateways |
Assign provisioning profiles to gateways |
Provisioning features are unavailable |
System Backup, System Restore and Open Shell |
Edit all gateway network settings |
View gateway network settings |
Gateway network settings are unavailable |
The changes in permissions are applied the next time the administrator logs in.
Multiple administrators can work on the SmartProvisioning GUI client on the same Security Management Server at the same time. To avoid configuration conflicts, every administrator has their own username, and works in a session that is independent of the other administrators.
When an administrator logs in to the SmartProvisioning GUI client, a new editing session starts. The changes made during the session are only available to that administrator. If another administrator tries to change the edited objects, this error message shows: Failed to update <object_name>. Could not access file for write operation.
To make your changes available to other administrators and for the SmartLSM and SmartProvisioning appliances, you must publish the session. When you publish a session, a new database version is created.
To be able to perform certain actions on the managed appliances, such as Push Policy or Push Settings and Actions, you are prompted to publish all unpublished changes in the current session. When the administrator performs these actions, unpublished changes from other sessions are not included.
To publish a session:
In the SmartProvisioning toolbar, click Publish.
When you click Publish, a window opens which includes the publish date and name of administrator. Best Practice - In this window, we recommend that you add a brief description of the changes that you made in the session. This is useful for auditing and troubleshooting purposes.
Note - When there are unpublished changes in the session, the Publish button is colored in yellow.
When a session is published, a new database version is created and shows in the list of database revisions.
For more information on the R80 session architecture, see the Check Point R80.10 Security Management Architecture Overview.
