It's entirely dependant on what rights/permissions they have for the Console.
The idea is that the two mirror each other. I.e. - "if you have SLM permissions - you'll have access to the SLM module in Workspaces. If you have Patch permissions in the console, you'll have the Patch-module in Workspaces" and so on.
So - check / look at the Console permissions/rights you've got configured for your user(s).
Hope this helps?
@ma92675 If I understand it correctly - with SW distribution permission every Public package will be listed and available to push to the clients - I wish there was a way to limit this too!
It's sort of the purpose of a "public" package to be ... well - public.
If you could be more specific as to what you're actually trying to achieve (i.e. "the full picture"), I think that may be more helpful here. I suspect that we may be able to help a bit more if we understand the whole story / problem you're trying to address.
As always - thank you for reaching out!
The full picture is that we wanted to limit access to some packages, so they can be installed/viewed only by certain LIT depts.
Let's say there are 3 IT departments - USA, Germany, India
Some packages are common for all departments (can be installed on any machine), but some packages should be visible only for Germany LIT (if they buy SW with license there) and same goes for other locations.
We had this set with our previous SD system, but we did not find out a way to set this in Ivanti (Our partner did not know either) May be we just need to adjust our mind to different logic of Invanti SD.
Same here, we have some analysts that are allowed to install certain software, and some who are allowed to install any software. The difference, for example, are our Service Desk folks vs our Network Admins. We don't want our ServiceDesk the ability to install Server software on desktops, or run Network Admin scripts against machines. Right now via Workspaces software install (not the catalog), they have access to everything.
Have you considered playing with "teams" then?
That way, you have private vs public, and "part / not part" of a team.
So for instance, you can share a package in a "High priviledge" type team, and those people who aren't allowed to see it, shouldn't see it?
Should sort you guys out (may just involve some setting up of teams for the (web-)console users)?