With administrative roles you can secure access to the Console and the Management Portal by assigning different levels of access to authorized users. Because users can access the Management Portal from any location, it is best practice to secure access to it with administrative roles to prevent unauthorized access. If you do not, ALL users will be able to access it. This includes users who should only have access to the Management Portal.
You can configure administrative roles in the Console.
Access is determined by two things:
- A login account authenticates a user as a legitimate Console user. Each login account must be assigned to at least one administrative role to be granted access to the Console and the Management Portal: login accounts that are not assigned to an administrative role do not have access.
- An administrative role determines what a user is allowed to do: view information (Read), change information (Modify) or nothing (Deny).
For example, by configuring different levels of access to the Console, you can allow Help desk employees to schedule predefined and tested Run Books, but disallow them to make changes to any of these Run Books. This allows Help desk employees to perform complex tasks without you running the risk that they make changes to these tasks.
- Trusts security: to configure Trust relationships between Agents and Modules and between Agents and Resources. These relationships determine whether or not an Agent can execute a Job with these Modules and Resources.