Administrative Users
Table of Contents
Administrative Users
An administrative user is a local or domain user account
that has access to specific administrative or reporting functions
on the ESM Console. Using role-based access control (RBAC), you
can assign specific privileges and responsibilities to a role and
then assign that role to one or more users who require the same
access permissions.
As a best practice, create a separate
administrative account for each person who needs access to the ESM
Console. This provides better protection against unauthorized configuration (or
modification) and enables logging of all actions for each individual
administrator.
Use the ESM Console to assign administrative access to any of
the following account types:
Account Type | Description |
|---|---|
User | (Machine or domain authentication)
Existing domain or local user account used to log into the ESM Console.
The ESM Console authenticates the user in one of two ways:
|
Group | (Domain authentication only) Extends
administrative access to all members of a security group and uses
the authentication credentials defined in Active Directory to authenticates
the user. |
Organizational Unit | (Domain authentication only) Extends
administrative access to all members of an organizational unit and
uses the authentication credentials defined in Active Directory
to authenticates the user. |
The ESM Console does not retain credentials for any administrative
account. To change the credentials of an administrative account,
you must modify them on the local machine if using machine authentication
or in Active Directory if using domain authentication.