4 Replies Latest reply on May 14, 2015 3:13 PM by streamer

    Non-admin access to ESM

    feeeds

      All users authenticate to the ESM gui with their AD creds today. We only have a small number who all need to be admins in ESM.  We now want to add other domain users but limit what they can see (only firewall events for example) Not finding an easy way to do this. KB84147 is kinda confusing as we don't have a particular AD group defined that grants access to ESM. When we try to set up new non admin accounts in ESM, we just an error about insufficient rights..

        • 1. Re: Non-admin access to ESM
          streamer

          Step 1 - Create a user group that will be administrative access on your Active Directory User and Computers. For ex: GroupName= SIEM_Admins,

          Step 2 - Adding users that you want to be Administrator to SIEM_Admins group,

          Step 3 - Open ESM properties window and click Users and Group button and press add in Group area

          Step 4 - IMPORTANT!!! You must be sure the same name AD Group name with the name of this Name text box! For ex:SIEM_Admins

           

          siem_admins.PNG

          Step 5 - Then press OK button and exit the window. After you make sure that you add to the group created.

           

          Step 6 - IMPORTANT!!! Make sure that users login to your ESM at least once after you add them to the Administrators group. So that the ESM can verify your administrative rights.

           

          Step 7 - After that you can configure privileges as you wish.

           

          I hope this helps you.

           

          Best Regards,

          • 2. Re: Non-admin access to ESM
            feeeds

            so are you saying that in order to configure a user as a non-admin in ESM, I first need to set them up as an admin, then remove their access rights after they login for the first time?

            • 3. Re: Non-admin access to ESM
              aszotek

              you need separate AD group for each group of users, e.g.

              users_group1

              users_group2

              admins_group

              names of AD groups must match with SIEM groups.

               

              you can also combine permissions - if user is member of 2 AD groups, he will have access to modules/items from both.

               

              please be aware that admin rights are not assigned automatically by AD group, you still have to go to user's profile and assign Administrator rights (clickbox), it changes the user icon to yellow bike helmet.

              • 4. Re: Non-admin access to ESM
                streamer

                Answer: Yes . I can able to handle easily just with one AD Group that all permission types or user.