Overview
You can configure different levels of access to the Surveyor deployment. This article briefly describes its role-based security and permissions model.
Information
Overview of the role-based security model
Surveyor uses a role-based approach to security, following the guidelines of the National Institute of Standards and Technology's RBAC (Role-Based Access Control) model. In this model:
- Roles are created to contain sets of permissions required to access particular administration tasks.
- To grant users access to perform the tasks, you add them to the roles that contain the required permissions.
- The Windows user or group has no direct relationship with the Surveyor task or component. Instead, roles represent business functions, such as Help Desk or Policy Administrator.
Using roles for delegated administration
A built-in Root Administrator role gives members of that role complete access to the Surveyor deployment. By default, anyone who has local administrator permissions in the Surveyor server has Root Administrator access level.
To set up delegated administration, a member of the Root Administrator role does the following in the Administrator Console:
- Adds others to the built-in Administrator role by selecting them from Windows users and groups.
- Creates security roles for specific permissions sets.
- Configures system-wide or group-level permissions in the roles.
- Adds Windows users (or groups) to the roles to apply the role’s permissions sets to those users.
Comments
0 comments
Article is closed for comments.