Assigning privileges to users - Security Center 5.7

Security Center Administrator Guide 5.7

Applies to
Security Center 5.7
Last updated
2021-12-16
Content type
Guides > Administrator guides
Language
English (United States)
Product
Security Center
Version
5.7

You must grant privileges to users in order for them to do anything in Security Center, including logging on, using Security Desk, and so on.

What you should know

Users have a set of basic privileges, which are privileges explicitly granted to them or inherited from their parent user groups, plus a set of privileges for every partition for which they are an authorized user. Privileges granted or denied at the partition level replace the basic privileges.

You can grant specific privileges to individual users, or allow users to inherit privileges from their parent user groups.

Procedure

  1. From the Config Tool home page, open the User management task.
  2. Select the user to configure, and click the Privileges tab.
  3. Use one of the predefined privilege configurations as your starting point.
    At the bottom of the page, click (), and select one of the following:
    Apply template
    Select one of the privilege templates to apply.

    Privilege templates can be combined. This means that when you apply a privilege template, you always add privileges. Existing privileges can never be removed as a result of applying a privilege template. To start with a clean slate, go to the top of the privilege hierarchy (All privileges) and click Undefined.

    Set configuration to read-only
    Set all entity configuration privileges found under the Administrative privileges group to View properties with Modify properties denied.
    Set configuration to read-write
    Set all entity configuration privileges found under the Administrative privileges group to View, Modify, Add, and Delete.
  4. Fine tune the user privileges by changing the individual privilege settings if necessary.
    Keep in mind that if your user has a parent user group, the privilege inheritance rules apply.
    Allow
    Grant the privilege to the user. You cannot select this option if the privilege is denied to the parent user group.
    Deny
    Deny the privilege to the user.
    Undefined
    Inherit this privilege from the parent user group. If there is not parent user group, this privilege is denied.
  5. If necessary, configure the privilege exceptions for each partition the user has access to.
    When a user is given access to a partition, their basic privileges are applied by default to the partition. As a system administrator, you can overwrite the privileges a user has over a specific partition. For example, a user can be allowed to configure alarms in partition A, but not in partition B. This means that a user can have a different set of privileges for each partition they have access to. Only Administrative and Action privileges, plus the privileges over public tasks, can be overwritten at the partition level.
    1. At the bottom of the page, click Exceptions ().
      The Privilege exception dialog box opens.
    2. In the Create an exception for drop-down list, select a partition.
    3. Change the user's basic privileges as required.

    4. Click Create.
      The privilege exceptions are added at the bottom of the privilege list.

  6. Click Apply.