User Account Management is the authentication and authorization of Director Console users that uses Role Based Access Control (RBAC). RBAC uses the assignment of permissions to control which pools a user has access to through a user’s role and the user group they are assigned to.
Pool authoriztion can be configured by adding the user to a specific User Group while creating and editing a user. Go to User Group to learn how to create a user group, go to Creating User to learn how to add a user to a user group while creating the user and go to Editing User to learn how to add a user to a user group while editing the user.
There are four different user roles:
Root is the default user of the Director Console. There can be only one root user. The root user can upload and view Director license details and perform user management. The default credentials for the root user are:
username: root
password: changeme
If Director Console is deployed using AMI, the default credentials for the root user are:
username: root
password: <AMI-instance-id>
We recommend you change the password after your first login. Go to Changing Your Password for more details.
Admin can view Director license details, perform user management and configure entities on all the pools since it has the access to all the pools by default.
SIEM Engineer can configure the entities only on the assigned pools.
Readonly can only view the entities only on the assigned pools.
The following table lists which permissions are assigned to each user:
Permissions |
Root |
Admin |
SEIM Engineer |
Readonly |
|---|---|---|---|---|
Upload license |
Yes |
No |
No |
No |
View license |
Yes |
Yes |
No |
No |
Create admin users |
Yes |
Yes |
No |
No |
Create regular users |
Yes |
Yes |
No |
No |
Delete regular users |
Yes |
Yes |
No |
No |
Invalidate regular users |
Yes |
No |
No |
No |
Oversee LDAP and ADFS Authentication |
Yes |
No |
No |
No |
Create/Delete/Edit entities |
No |
Yes |
Yes |
No |
Search entities and log sources |
No |
Yes |
Yes |
Yes |
View Config View |
No |
Yes |
Yes |
Yes |
Upload and install assets |
No |
Yes |
Yes |
No |
Configure plugins |
No |
Yes |
Yes |
No |
Perform operations |
No |
Yes |
Yes |
No |
View Centralized Monitoring Dashboard |
No |
Yes |
Yes |
Yes |
Manage Centralized Monitoring Dashboard |
No |
Yes |
Yes |
No |
Configure settings |
No |
Yes |
Yes |
No |
View tasks and retry a failed action |
No |
Yes |
Yes |
No |
Download Devices information as a CSV file |
No |
Yes |
Yes |
Yes |
Perform backup and restore operation for the Director Console machine |
Yes |
No |
No |
No |
Configure SFTP |
Yes |
No |
No |
No |
Resync database |
Yes |
No |
No |
No |
Generate API Tokens |
No |
Yes |
Yes |
No |
