Versions Compared

Old Version 1

changes.mady.by.user Ann Base

Saved on

compared with

New Version 2

changes.mady.by.user Ann Base

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Minor

In Hybrid Access Gateway you can create different administrative roles with different privileges and responsibilities, this is called delegated management. Each role can be assigned to one or several users stored in the registered user storage location. Roles are used as alert receivers in the Monitor System > Manage Alerts page and selected roles receive notification messages about selected alert events. You can add any number of roles and assign them one or several of the pre-configured privileges available. All privileges can be combined.

If you plan to use a role for alerts, you need to ensure that selected users have registered e-mail addresses and/or cell phone numbers.

Pre-configured privileges that can be set for different roles

Privilege

Description

Help desk administration

Can add, edit, and delete all saved settings for a user account.

User account management

Have access to all available functionality in the Manage Accounts and Storages section.

Resource management

Can add, edit, and delete resources, both resource hosts and resource paths and can also manage Application Portal items.

Resource path management

Can add, edit, and delete resource paths for selected resource hosts.

View logs

Can view logs for all servers in the Hybrid Access Gateway network.

Publish

Can publish updated configuration.

User linking administration

Can manage users linked to a user storage. This includes creation of linked users and deletion or reparation of existing links.

User log viewer

Can view user logs found in the General Settings tab of the Edit user page.

User signing requester

Can send signing requests to provisioned users.

Pre-defined roles

RoleDescription
Help Desk

The Help Desk role has privileges to manage user groups.

Signing RequesterThe Signing Requester role has privileges to send signing requests to provisioned users.
Super AdministratorThe Super Administrator role has all privileges and rights.


Prerequisites

Expand
titlePrerequisites

If you plan to use a new role for alerts, make sure that the selected users for the role have registered email addresses and/or cell phone numbers. 

Step-by-step instruction

Expand
titleLog in to Hybrid Access Gateway administration interface
  1. Log in to the Hybrid Access Gateway administration interface with your admin user.


Expand
titleAdd roles and assign them privileges

  1. In the Hybrid Access Gateway administration interface, go to Manage System.

  2. Click Delegated Management.

  3. Click Add Role…
  4. Enter a Display Name and Description and select privilege(s) for the new role. Click Next when done.
  5. To define which user accounts the role will manage, select user group from the drop-down list and click Add Group.
  6. Click Next.

  7. To assign the role to specific administrators, click Add Administrator… and enter a User ID on the next page.

    Note
    The User ID must exist and be linked in the directory service before you can use delegated administration. The User ID's directory password is used to login to the administration interface. To enable any other authentication methods, use the Standard resource of 'Nexus Administration' with a new 'Access Rule' All access must then go via the Access Point.


  8. To assign entire user groups to the role, select a previously registered administrator group from the Select Administrator Groups drop-down list and click Add Group.
  9. Click Finish.
Note

The roles Help Desk and Super Administrator are predefined roles, and they cannot be deleted.



Related information