cancel
Showing results for 
Search instead for 
Did you mean: 
feeeds
Level 9
Report Inappropriate Content
Message 1 of 5

Non-admin access to ESM

Jump to solution

All users authenticate to the ESM gui with their AD creds today. We only have a small number who all need to be admins in ESM.  We now want to add other domain users but limit what they can see (only firewall events for example) Not finding an easy way to do this. KB84147 is kinda confusing as we don't have a particular AD group defined that grants access to ESM. When we try to set up new non admin accounts in ESM, we just an error about insufficient rights..

1 Solution

Accepted Solutions

Re: Non-admin access to ESM

Jump to solution

Step 1 - Create a user group that will be administrative access on your Active Directory User and Computers. For ex: GroupName= SIEM_Admins,

Step 2 - Adding users that you want to be Administrator to SIEM_Admins group,

Step 3 - Open ESM properties window and click Users and Group button and press add in Group area

Step 4 - IMPORTANT!!! You must be sure the same name AD Group name with the name of this Name text box! For exSmiley FrustratedIEM_Admins

siem_admins.PNG

Step 5 - Then press OK button and exit the window. After you make sure that you add to the group created.

Step 6 - IMPORTANT!!! Make sure that users login to your ESM at least once after you add them to the Administrators group. So that the ESM can verify your administrative rights.

Step 7 - After that you can configure privileges as you wish.

I hope this helps you.

Best Regards,

4 Replies

Re: Non-admin access to ESM

Jump to solution

Step 1 - Create a user group that will be administrative access on your Active Directory User and Computers. For ex: GroupName= SIEM_Admins,

Step 2 - Adding users that you want to be Administrator to SIEM_Admins group,

Step 3 - Open ESM properties window and click Users and Group button and press add in Group area

Step 4 - IMPORTANT!!! You must be sure the same name AD Group name with the name of this Name text box! For exSmiley FrustratedIEM_Admins

siem_admins.PNG

Step 5 - Then press OK button and exit the window. After you make sure that you add to the group created.

Step 6 - IMPORTANT!!! Make sure that users login to your ESM at least once after you add them to the Administrators group. So that the ESM can verify your administrative rights.

Step 7 - After that you can configure privileges as you wish.

I hope this helps you.

Best Regards,

feeeds
Level 9
Report Inappropriate Content
Message 3 of 5

Re: Non-admin access to ESM

Jump to solution

so are you saying that in order to configure a user as a non-admin in ESM, I first need to set them up as an admin, then remove their access rights after they login for the first time?

Re: Non-admin access to ESM

Jump to solution

Answer: Yes . I can able to handle easily just with one AD Group that all permission types or user.

aszotek
Level 10
Report Inappropriate Content
Message 5 of 5

Re: Non-admin access to ESM

Jump to solution

you need separate AD group for each group of users, e.g.

users_group1

users_group2

admins_group

names of AD groups must match with SIEM groups.

you can also combine permissions - if user is member of 2 AD groups, he will have access to modules/items from both.

please be aware that admin rights are not assigned automatically by AD group, you still have to go to user's profile and assign Administrator rights (clickbox), it changes the user icon to yellow bike helmet.