Grant Permission to Endpoint Protection Reports in SCCM 2012


While reading the Microsoft forums, I saw a request about how to grant permission on Endpoint reports, so I thought that I would take the time to put together some steps.

· Create an AD security group called Endpoint Protection Reports

· Assign the appropriate users to the AD group

· Create a security role to grant access to the following items:

o Antimalware Policy: Run Reports

o Firewall Setting: Run Reports

o Site: Read

Endpoint Protection Reports Properties

· Assign this security scope to the AD security group: Endpoint Protection Reports

· Now you’re done!

To help make your life easier, I have exported the Endpoint Protection Reports security role which you can download and import on your site.

For more details about the forum post, please see

Leave a Comment

Share via
Copy link