Add feature for report only accounts (Planned)

Avatar
Ryan Clark

We should have a feature to allow “report only” customer accounts at the time of adding. MSPs may want to exclude some customers from changes, for example when a solution baseline or intune config policy is assigned to “ALL” this report only customer would not receive any changes.

Our partner's wording:

we have some customers where we not want to do any changes, we just monitor the tenant and report on it. I am missing some kind of report only modus. I want to avoid that anything can be impacted or changed for these customers. If someone assigns some policy by accident on all customers. It should not be able to impact those who we do not want to right to.

5

Comments (7 comments)

Sort by
0
Avatar
Dave Stephenson

Thanks, Ryan. 

It looks like you and Doug may be on the same wave-length here.

Set default assignment for solutions baseline to report-only – Nerdio Help Center

Do you think what he's asking for will work for you?

3
Avatar
Arthur Taragola
(Edited )

I think Thomas is indeed asking for a feature on the same level. All though Thomas is only asking for solution baselines default behavior, we would like the report only feature on a customer level. Currently Nerdio is too ‘powerful’ by default. Ideally on onboarding we want to safeguard the environment of the customer and only report back to them when settings change/ best practices update…  Also from a security standpoint we do not want the ability to write anything to these customers environments.

3
Avatar
Ryan Clark

For example, adding a new checkbox, a report only checkbox, during the account add process, making the customer account as a whole report only. 
 

0
Avatar
Dave Stephenson

Great ideas guys!
There's obviously some use-cases for this.
Out of curiosity

  • Would you want to go from Read-Only to Read-Write? (I'm guessing in a tiered approach (i.e. Enable RW for Intune, then Solution Baselines, etc.)?)
  • Are there any scenarios where you would want some users to have the RW permissions while the rest of your company (and Nerdio Manager as a whole) is ReadOnly?

I ask because we currently have Limited Access Mode, but it has the draw-back of being irreversible without removing/readding the account.

 

0
Avatar
Arthur Taragola
(Edited )

Tiered approach in my opinion is not necessary. I agree with Ryan that you define the access tier on customer onboarding. and when you select readonly, you should not be able to wite anything on any level, only reporting will work.

I think ideally we would have the option to ‘swap’ between read only and read/write (maybe in settings). But if is not possible , thats not a deal breaker for me. I dont mind a reonboarding with other rights, because we will have to face the customer anyway because the way we operate for them will change thus a reonboarding does not seem far fetched. 

1
Avatar
Dave Stephenson

Thanks, Arthur!
It's good to know it won't be a deal-breaker to re-onboard.
And, like you said, you're going to be having a conversation with the customer so it's the perfect opportunity, if we're not able to automatically change the permissions.

We'll have to see what our product team can do with this. 😎

1
Avatar
Gido Veekens

Hi Arthur Taragola . We’re actively reworking our permission model to give you more control and finer-grained access to customer tenants. Eventually this will also unlock full read-only scenarios, just like you mentioned, without the need to re-onboard your customer accounts. I don’t have a firm ETA yet, but you can expect to see the first changes roll out in the coming months. Thanks for sharing your use cases!

Please sign in to leave a comment.