I am trying to configure Eramba so that I can use it without my user account being in the special Admin group. My goal is to have a user account for myself and a few others that basically have access to everything. I have watched the videos and read documentation about users, groups, and authorization. It all makes sense, but I am having trouble in practice.
I created several compliance packages populated with prebuilt compliance items from NIST. Along with these, I have begun authoring a compliance package from scratch representing security policy items required by our parent organization. So far this custom package contains a single compliance package item. These I assigned ownership to an “IT Staff” group as shown in the image below.
When I sign in to my non-Admin user, I can see all 5 compliance packages as expected. The screenshot above was taken while signed into this user.
My problem is that my custom compliance package does not show within Compliance Analysis unless I am signed in as an Admin. In the screenshot below you can see that my custom policy package does not appear within available filters.
What permissions might my user account lack such that it can see a compliance package under “Dashboard → Compliance Packages” but then not see it under “Dashboard → Compliance Analysis”?
Another curious thing is that I can access package items for my custom compliance package one way, but not another.
If I navigate to “Dashboard → Compliance Packages → Compliance Package Items”, then I do not see my custom compliance package and I cannot select it from the available filters.
If I navigate to “Dashboard → Compliance Packages”, then click on ‘Show’ within the ‘Compliance Packages’ field of my custom package, then it takes me to “Dashboard → Compliance Packages → Compliance Package Items” filtered to the compliance package I otherwise can’t view.
This problem doesn’t seem to be related to groups or group permissions after all. I’m only able to find the system filter for my custom compliance package when I am signed in as the local Admin user. Other users who are members of the “Admin” group do not see the filter.
If that works , then you need to save that filter with the name of your compliance package (or whatever name) and let us know , because there must be a bug somewhere that does not automatically creates the filter.
You are right. The only thing my other accounts lack access to is the system filter. Here is a screenshot of the filter that was automatically created when I made the compliance package using the Admin user. This filter does not appear when I sign in as a different account.
In the screenshot I highlighted the ‘Private’ setting thinking that was the reason, but the filter for other compliance packages do show up for other users.
