Forum Discussion

Mike_Moniz
4 years ago

Stop having the Add Device Wizard adding properties to root group

Please stop having the wizard add snmp and esxi and other properties to the root group when using the Add Device Wizard or respect RBAC permissions for users running the wizard.

We try to use SNMP v3 when possible with all our customers and that doesn't use the snmp.community property. But if someone uses the wizard for a completely different customer for v2c, it sets snmp.community on root and via inheritance to all other customers' devices and it breaks them. We or our customers then get a bunch of false No Data alerts as LM switches over to using v2c, even with v3 creds provided or our attempts to force v3 with snmp.version. ESXi creds on root can also cause a problem because we sometimes use a domain account for vCenter access, so it looks like "customer/username" and then we end up leaking customer names and usernames to any customer who can look at any info page.

Thanks!
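An added example (not code from the post or from LogicMonitor) that models the inheritance the post describes and audits a constructed portal for both problems raised: credential properties left on the root group, and SNMP v3 devices whose only snmp.community arrives from root. The precedence order (root, then nested groups, then the device's own properties) and the list of sensitive property names are assumptions of this model.

```python
from typing import Dict, List, Tuple

Props = Dict[str, str]
Device = Tuple[str, List[Props], Props]   # (name, group chain root-to-leaf, own props)

# Credential-bearing properties that should never be defined on the root group
# of a multi-tenant portal (names from the post; the set itself is an assumption).
SENSITIVE_AT_ROOT = {"snmp.community", "esxi.user", "esxi.pass"}


def effective_props(root: Props, groups: List[Props], own: Props) -> Props:
    """Resolve inherited properties: root first, nearer groups override, device wins."""
    merged: Props = dict(root)
    for g in groups:
        merged.update(g)
    merged.update(own)
    return merged


def defined_below_root(groups: List[Props], own: Props, key: str) -> bool:
    """True if key is set on the device or on one of its groups, i.e. not only on root."""
    return key in own or any(key in g for g in groups)


def audit_root(root: Props) -> List[str]:
    """Credential properties that sit directly on root (what the wizard leaves behind)."""
    return sorted(k for k in root if k in SENSITIVE_AT_ROOT)


def v3_devices_inheriting_community(root: Props, devices: List[Device]) -> List[str]:
    """Devices meant to use SNMP v3 whose only snmp.community comes from root:
    the ones a collector may silently fall back to v2c on, producing No Data alerts."""
    hits = []
    for name, groups, own in devices:
        eff = effective_props(root, groups, own)
        if (eff.get("snmp.version") == "v3" and "snmp.community" in eff
                and not defined_below_root(groups, own, "snmp.community")):
            hits.append(name)
    return hits


# Constructed sample portal: root polluted by the wizard, two customer groups.
ROOT: Props = {"snmp.community": "public", "esxi.user": "customerA/svc-vcenter"}
CUST_A: Props = {"snmp.community": "custA-ro"}
CUST_B: Props = {"snmp.version": "v3", "snmp.security": "monitor-v3"}
DEVICES: List[Device] = [
    ("custA-sw1", [CUST_A], {}),                                                    # v2c by design
    ("custB-fw1", [CUST_B], {}),                                                    # v3, inherits root community
    ("custB-esx1", [CUST_B], {"snmp.version": "v3", "snmp.community": "custB-ro"}),  # own community
]

if __name__ == "__main__":
    print("credentials on root:", audit_root(ROOT))
    print("v3 devices at risk:", v3_devices_inheriting_community(ROOT, DEVICES))
```

Running the audit right after anyone uses the wizard (or on a schedule) surfaces the root-level pollution before the inherited community string reaches other customers' devices.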

6 Replies

  • 10 minutes ago, Mike Moniz said:

    Please stop having the wizard add snmp and esxi and other properties to the root group when using the Add Device Wizard or respect RBAC permissions for users running the wizard.

    We try to use SNMP v3 when possible with all our customers and that doesn't use the snmp.community property. But if someone uses the wizard for a completely different customer for v2c, it sets snmp.community on root and via inheritance to all other customers' devices and it breaks them. We or our customers then get a bunch of false No Data alerts as LM switches over to using v2c, even with v3 creds provided or our attempts to force v3 with snmp.version. ESXi creds on root can also cause a problem because we sometimes use a domain account for vCenter access, so it looks like "customer/username" and then we end up leaking customer names and usernames to any customer who can look at any info page.

    Thanks!

    This is a specific case of the more general "RBAC and groups are not sufficient to support an MSP model", which I have been trying to get fixed for years. There needs to be structural support for multiple clients, not bolted on as is currently done.

    I never use the wizard, didn't realize this was how it worked :).

  • Respecting RBAC would fix this issue for me as none of the users adding devices have access to the root group. I'm basically forced to ban people from using the wizard as a policy, but I can't enforce it and so it still happens once in a while.

  • My recommendation? Stay away from any wizards LM provides. This stuff happens here, and with the "simple" netscan setup you end up with a bunch of nonsense top-level groups if you are not careful. I think there should be a knob in the portal settings to disable wizards...