Mediasite - Roles and Permissions
Granular Permissions and Frustration
Mediasite's permissions are quite cool in how granular you can be for roles or even individuals. However, with this means you're going to tear your hair out in trying to figure out whether you're missing some permissions, or even worse if you're trying to compare two roles.
If you're fortunate enough to be able to query the database directly or have a DBA you can bribe, there's a way to save yourself a lot of time. This query will show you all of the roles you've got in the system, and the operation/portal resource they have access to, and the permission associated:
SELECT OPR.Name, MOA.Permission, MR.Name AS 'Role Name', MR.DirectoryEntry FROM OperationAndPortalResources OPR JOIN MediasiteObjects MO ON MO.Id = OPR.Id JOIN MediasiteObjectAces MOA ON MOA.Id = MO.Id JOIN MediasiteRoles MR ON MR.Id = MOA.RoleId ORDER BY MR.Name DESC
If you're only concerned with a few roles, throw in a
WHERE MR.Name IN ('Role1Name','Role2Name',...)
Comparing Two Roles
This is the part that really came in most handy, comparing two roles to see the permissions that one role had that were absent from another.
The results of this query show what the ITSAdministrators have access to, that the SDSupport staff do not have.