Device Profiles created in and managed by one organization group (OG) are in a read-only state when accessed by a logged-in administrator with lower-level privileges. The profile window reflects this read-only state by adding a special comment, “this profile is being managed at a higher organization group and cannot be edited.”.

This read-only limitation applies to smart group assignments as well. When a profile is created at a parent OG and is assigned to a smart group, a child OG admin can see but not edit it.

Such behavior maintains a hierarchy-based security and fosters communication among admins.