Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

It is important

...

to have at least one admin user with the scope Admin without setting

...

.  Without this, all users will be able to access the

...

portal with their accounts.

...

 


1)   Go to Settings -> Site Security then click Add.

Image Modified

This table is used to restrict and allow permit users and groups from accessing access to the different areas on of the Portalportal.  The portal is composed of 2 areas:

  • General Admin Area - the general administration section in which operators can manage the devices and policies. This also includes the Reports and Support & Maintenance menus.
  • Settings Admin Area -the settings administration section in which the system administrators can configure the SphereShield suite components.

This table defines the access scope permissionsEach scope that did not specifically define explicitly defined will allow any user to access. 

The access levels are: 

  • Admin without Settings Access - only these users and groups that only they can view may view the General Admin Areaarea, but does do not have access to the Settings Admin Areaarea.
  • Admin with Settings Access- only these users and groups that only they can view may view the General Admin Area area including access to the Settings Admin Areaarea.
  • Admin Selective Menu Items Access - users and groups that can view only specific menu items from the Access Portal Admin Areaportal admin area.

If a user is defined in more than one group than the group with the widest scope of access will be applied. 

These groups are fetched from a resource as defined in users and groups settings

 There are There are three types of access scopes. With the exception of selective menu, any scope that hasn't been defined to a specific group or user means that all users are able to access.

...

2)   Once the Add window is open, select the scope you wish to define.

43)   Choose the access type: Groups or Users

54)   Start typing the name of the group.

Note that the same group can be defined for both admin with settings and admin without settings to prevent end users from entering restricted sections.

If the same group is defined for multiple scopes, then the higher privilege settings winstakes precedence. 

E.g. Setting admin with settings and admin without settings to the group Domain admins means that the Domain admins group will have access to the full access entire Admin portal site.

...

At least one scope set to "Admin without settings"

...

is required for that restriction to take effect.


65) To restrict access to information to for a user that is a member of a team, configure "Users can only see Teams they have permissions on" to "Yes" in the top menu:


Image Modified