Other versions

Using Action Approval

In some organizations, an action requires a separate approval before it can be issued on target computers. This is sometimes known as two-person integrity. Approvers can be other users with the full Administrator role or users with the special "action approval" role. If your organization allows exceptions to approval requirements, you can assign a "bypass approval" role.

Create an action approver role

  1. Go to Permissions > Roles.
  2. Create an advanced role that grants Approve Action permission on the content sets you specify.
  3. Save the configuration.

Create a bypass action approval role

  1. Go to Permissions > Roles.
  2. Create an advanced role that grants Bypass Action Approval permission on the content sets you specify. Actions created by a user with this permission are not subject to approval requirements.
  3. Save the configuration.

Assign the roles to users

  1. Go to Administration > Users.
  2. Click the row for a user and click Edit.
  3. Assign one of the roles you created for action approvers or users who can bypass action approval.
  4. Save the configuration.

Enable Action Approval

  1. Go to Administration > Global Settings.
  2. Search for require_action_approval setting.
  3. Select it and click Edit.
  4. Change the setting value to 1 and click Save to enable it.

If you disable action approval, actions pending approval cannot be completed. To avoid this, ask your approver to clear the list of actions pending approval prior to disabling the feature. Otherwise, you should review the Action History and reissue actions as necessary to get the desired results.

Review the All Pending Approval grid

When action approval is enabled, users with the Administrator reserved role can check the backlog of actions pending approval. Go to Actions > All Pending Approval to review the grid. The grid has the same fields as the Scheduled Actions grid and the same administration tasks can be performed with the action buttons. The distinction is that this grid is filtered to show actions that are pending approval.

Figure  1:  All Pending Approval page

Approve pending actions

When a user with the Administrator role or an "action approver" role logs in, the navigation menu icon includes a notification count of the actions requiring approval.

Figure  2:  Approvals Pending notification

To approve the action:

  1. Go to Actions > Actions I Can Approve.

    You can use Text filters and row sorting to find actions that you want to review.

  2. Select a row.

    Action buttons then appear above the grid.

  3. Click Approve.
  4. Review the Action Summary and click Approve Action.
  5. Enter your password to complete the approval.

Approval of a scheduled action remains in force until the schedule ends or the scheduled action configuration is modified.

Last updated: 11/8/2018 3:15 PM | Feedback