Step 1 - Create a user group that will be administrative access on your Active Directory User and Computers. For ex: GroupName= SIEM_Admins,
Step 2 - Adding users that you want to be Administrator to SIEM_Admins group,
Step 3 - Open ESM properties window and click Users and Group button and press add in Group area
Step 4 - IMPORTANT!!! You must be sure the same name AD Group name with the name of this Name text box! For ex:SIEM_Admins
Step 5 - Then press OK button and exit the window. After you make sure that you add to the group created.
Step 6 - IMPORTANT!!! Make sure that users login to your ESM at least once after you add them to the Administrators group. So that the ESM can verify your administrative rights.
Step 7 - After that you can configure privileges as you wish.
I hope this helps you.
so are you saying that in order to configure a user as a non-admin in ESM, I first need to set them up as an admin, then remove their access rights after they login for the first time?
you need separate AD group for each group of users, e.g.
names of AD groups must match with SIEM groups.
you can also combine permissions - if user is member of 2 AD groups, he will have access to modules/items from both.
please be aware that admin rights are not assigned automatically by AD group, you still have to go to user's profile and assign Administrator rights (clickbox), it changes the user icon to yellow bike helmet.
Answer: Yes . I can able to handle easily just with one AD Group that all permission types or user.