1. Home
    2. Security Operations
    3. Cortex XDR
    4. Cortex® XDR™ Prevent Administrator’s Guide
    5. Get Started with Cortex® XDR™ Prevent
    6. Manage User Roles
    7. Access Management
    8. Manage Users

    Manage Users

    Cortex XDR enables you to manage users in the Access Management console.
    In the
    Users
     page,
    Cortex
    XDR
     lists all the users allocated to a specific Customer Support Portal (CSP) account and tenant. If a user is not listed, ensure that the user is added in the Customer Support Portal. The
    Users
     table provides different fields of information as detailed below. At the top of the page, you can perform the following actions.
    • Import Multiple User Roles
       as a CSV (Comma-separated values) file. This import can be used to quickly add users who already belong to a CSP account and assign them preexisting roles in
      Cortex
      XDR
      . You can use the
      Download example file
       to view the required format of the CSV file to upload and replace the file contents with the data you want to upload, where the following columns must be included.
      • User email
        —The email address of the user belonging to a CSP account that you want to import.
      • Role Name
        —The name of the role that you want to assign to this user, where the role must already be created in
        Cortex
        XDR
        .
      • Is an account role (default=false)
        —A boolean value to define whether the user is designated with an
        XDR Account Admin
         role in the Cortex Gateway. To define this in the CSV file, set the value to
        TRUE
        ; otherwise, the value is set to
        FALSE
         (default).
    • Show User Subset
       to display only the users who are not designated as a
      Hidden
       user (default).
    • Search for something in the search box.
    The following is a description of the different columns in the Users table.
    Certain fields are exposed and hidden by default. An asterisk (*) is beside every field that is exposed by default.
    • User Name
      *—Displays the first and last name of the user.
    • Email
      *—Email address of the user.
    • Direct XDR Role
      *—Name of the role assigned to the user. When the user does not have any
      Cortex
      XDR
       access permission, the field displays
      No-Role
      .
    • Groups
      *—Lists the groups that a user belongs to, where any group imported from Active Directory has the letters
      AD
       added beside the group name.
    • Group Roles
      *—Lists the different group roles based on the groups the user belongs to. When you hover over the group role, the group associated with this role is displayed.
    • Endpoint Scope
      *—Displays the currently assigned Endpoint Scope for the user as either
      All Endpoints
       or
      Specific Groups
      .
    • Last Login Time
      *—Last date and time the user accessed the tenant.
    • Status
      *—Displays whether the user is
      Active
       or
      Inactive
      .
    • First Name
      —Displays the first name of the user.
    • Last Name
      —Displays the last name of the user.
    You can also pivot (right-click) from rows and specific values in the table, where a number of different options are available to help you manage your
    Cortex
    XDR
     users from this page. You can perform these actions on one or more users at a time.
    1. Select
      Settings
      Configurations
      Access Management
      Users
      .
      In the
      Users
       page, a number of different options are available to help you manage users.
    2. Manage your
      Cortex
      XDR
       users.
      The following options are available to help you manage users, which you can perform on one or more users at a time.
      • Update user role for users with an exiting role.
        1. You can either hover over the user name and select the
          Update User Role
           icon ( ), located to the right of the row, or right-click the user name and select
          Update User Role
          . You can also select more than one user to set and manage a role for all these system users belonging to the same group at once.
        2. Select a
          Role
           from the list of default and custom roles that you want to assign the user.
          For a user with an
          XDR Account Admin
           role, you can only degregate their role using the Cortex Gateway.
        3. Add a particular user to a group by selecting the
          User Groups
           from the list.
        4. Show Accumulated Permissions
           for the user(s) based on the
          Role
           and
          User Groups
           assigned to the user(s). Role permissions are comprised of different
          Components
           permissions. By default
          All
           permissions are displayed, which lists the combined permissions of every
          Role
           and
          User Group
           assigned to the user. You can also select the specific roles assigned to the user, which enables you to compare available permissions based on the roles selected. This can help you understand how the role permissions for a particular user are built. For example, if you need to isolate for a specific component, the permissions provided by a particular
          Role
           or
          User Group
          .
        5. Update User
           to save your changes to the user role.
      • Deactivate a user.
        Locate the user you want to deactivate, right-click, and select
        Deactivate User
        .
        You cannot deactivate a user that has an Account Admin role.
      • Remove a role assigned to a user.
        1. Locate the user you want to remove the role from, right-click, and select
          Remove Role
          .
        2. Click
          Remove
          .
          You cannot remove a user that has an Account Admin role.
      • Designate a user as hidden.
        Locate the user you want to hide, right-click, and select
        Hide User
        . When a user is designated as hidden, the user will no longer be displayed in the
        Users
         table when the table is configured to
        Show User Subset
         (default configuration). This is useful, for example, when you have users, who are not related to
        Cortex
        XDR
         and will not be designated with a
        Cortex
        XDR
         role, such as CSP Super Users, and you want to hide them from the list.
      • Copy text to clipboard
         to copy text from a specific row field in the row of a user.
      • Copy entire row
         to copy the text from all the fields in a row of a user.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo