Creating and Managing Local Console Users

This topic describes how to:

  • Create a new console user

  • Change the default Admin password for a console user

  • Update the role and/or email address of a console user

  • Change the default page that will be displayed when the user logs in to the Web Console

  • Delete a console user from the list of users

  • Create a report about a console user

To create a new Console User

  1. In the ConfigurationUser ManagementConsole Users tab, click the Create User button.

     

  2. In the Add Console User dialog box that opens, enter the required name for the new Console User.

  3. Enter a local ITM On-Prem (ObserveIT) user, or select an Active Directory domain for authentication.

  4. Enter a password, and confirm the password. The password must be at least 8 characters with a mixture of letters, numbers and special characters.

  5. From the Role drop-down list, select the role of the Console User:

    • Admin: This role has full control over all the management features of ObserveIT. An Administrator can make changes to the ITM On-Prem (ObserveIT) configuration, and is allowed to view all session recordings.

    • View-Only Admin: This role can view session recordings, but cannot gain access to any ITM On-Prem (ObserveIT) configuration option.

    • Config Admin: This role can see all users and their permissions, but can create or delete only "Config Admin" users. Config Admin users are unable to view session recordings. This role can edit the Recording Policy Template.

    • Alerts Analyst: This role is the same as View-Only Admin with additional access to Alert & Prevent Rules and Lists (within the Configuration area). This role cannot access any other ITM On-Prem (ObserveIT) configuration options.

    • Settings Admin: This role is the same as Config Admin (which has access to the Configuration area only), but does not have access to Alert & Prevent Rules and Lists (within the Configuration area). Users with this role can see all users and their permissions, but can create or delete only Settings Admin users. This role can edit the Recording Policy Template.

    • Special Role A: This role is similar to the Admin Role. Like Admin users, a user with this role can make changes to the ITM On-Prem (ObserveIT) configuration and is allowed to view all session recordings. Unlike Admin, a user with this role does not have access to:

      • Configuration > User Management

      • Configuration > Archive > Storage Management

      • Configuration > Settings

    • Special Role B This role is similar to the Alert Analyst Role. In addition, a user with this role has access to:

      • Configuration > Endpoint Management > Recording Policies

    By default, the Allow access to "All Endpoints" group check box is selected for new Console Users, which allows them access to all the deployed ITM On-Prem (ObserveIT) endpoints. If required, you can clear the check box, and then manually grant the Console User the appropriate access rights to either single ITM On-Prem (ObserveIT) endpoints or to endpoint groups.

    Select Allow access to Anonymization screens if you want to allow the user to access. This option is only available for Admin, Config Admin and Settings Admin roles. This option will not display if you select one of the other roles.

    To configure an email address to enable the Console User to receive email notifications:

    1. Enter the user's email address in the Email field, and click Add.

    2. Repeat the above step for each email address you want to add.

    To remove an email address from the list, select it and click Remove.

  6. Configure the default page that will be displayed when a new user logs in to the Web Console.

    By default Automatic (Based on Role) is selected, which usually means that the User Risk Dashboard is the default page that opens after login, exposing data that is relevant to the new user. If no alerts are assigned to the new user, the Endpoint Diary opens by default.

    The default page that opens for Config Admin users is the Admin Dashboard. Admin and View-Only Admin users who access the User Risk Dashboard from the "Automatic" default page, will be automatically assigned permissions to view data in the Dashboard (see Assigning Permissions to Console Users).

    You can change the default page that is displayed upon login by selecting one of the following options: Endpoint Diary, Admin Dashboard, Alerts, Insider Threat Intelligence Dashboard.

    When you have finished configuring the new user, click Add. If required, you can repeat this procedure to add another user.

  7. Click Close to close the Add Console User dialog box.

    The new user is added to the list in the Console Users page; a message is displayed at the top of the page, confirming that the new user was added successfully.

To change the default Admin password of a console user

  1. In the Console Users tab, click the default Admin console user.

    The Edit Console User dialog box opens.

  2. Type the new password, retype it to confirm, and click Update.

  3. Click Close to exit the User Details page.

    A message is displayed, confirming that the update was successful.

 

To update the role and/or email address of an existing Console User

  1. In the Console Users list, click the name of the user whose details you want to update.

  2. In the Edit Console User dialog box, you can change the Role and/or the email address for the Console User.

    Note: You cannot edit the user's credentials or "Authentication" method.

  3. Click the Update button.

    A message is displayed at the top of the Console Users page, confirming that the user was updated successfully.

To change the default page that will be displayed when the user logs on to the Web Console

  1. In the Console Users list, click the name of the relevant user.

  2. In the Edit Console User dialog box, from the Default Page list of options, select the required default page that will be displayed when the user logs in to the Web Console (see Step 7 in "To create a new Console User" above).

To delete a Console User

In the Console Users page, click the Delete link next to the user you want to delete from the Console Users list.

Note the following:

  • Deleting Console Users does not result in any data loss to the recorded sessions, but this action cannot be reversed. If you need to create the Console User after you have deleted it, you must create a new Console User and make sure it has the exact same name and password.

  • Deleting Console Users that are configured with an external Active Directory or LDAP domain will NOT delete the actual user objects from the target Active Directory domain. The deletion simply prevents these users from using the ITM On-Prem Web Console.

To schedule a report or create a new report about a Console User

Related Topic:

ITM On-Prem Web Console Users