Delegated administrators cannot restart (reboot) or manage computers remotely from the ActiveRoles Server Web Interface.
An attempt to restart computer might fail with the following error:
"Administrative Policy returned an error. Attempted to perform an unauthorized operation".
There is a change in the way some access templates work in Active Roles starting with version 6.5 and later.
"Computers - Full Control" Access Template is no longer sufficient to manage computers.
To enable any computer management task except computer restart (reboot):
To enable computer restart (reboot) from Web Interface, the Allow write edsaRestartComputer for edsComputerResourceContainer permission is required.
That permission is not included into any of the Computer Management Access Templates.
You can create a custom Access Template to grant that permission as follows:
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy