User management in Management Console

Users (or user accounts) are required for access to the Console and other Cloud services.

• There are several user roles to choose from. They make it possible to differentiate access to data and features within a company.
• Customers can have an unlimited number of users.

User roles

The following user roles are available:

• SuperUser
• Administrator
• Manager
• Operator
• Supporter

Security Officer is an additional setting which can be applied to certain roles to provide additional access to generate a passphrase:

• SuperUser
• Administrator
• Manager
• Operator

Key

The following icons indicate availability:

Key	Status	Description
	Available	Is available for all
	Limited Availability	Is available for with limitations (see Note for additional information)
	Read Only	Is available in read only mode
	Not Available	Is not available

Please see the table below for access permissions available to each of the roles.

Task	SuperUser with security officer permissions	SuperUser	Administrator with security officer permissions	Administrator	Manager with security officer permissions	Manager	Operator with security officer permissions	Operator	Supporter
Automatic Deployment This feature is available to resellers and end-customers. It is used by the Quick Installation method.
Export of monthly device statistics
Generating passphrases Passphrases are used instead of security codes during the re-installation of automatically deployed devices, for the cleanup of backup data sources and for the addition of devices to the Recovery Console.
Launching backup devices remotely
Recovering data in Backup Manager
Recovering data in Recovery Console		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Security code/Encryption key, this user level will be able to proceed with the recovery via Recovery Console.		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Security code/Encryption key, this user level will be able to proceed with the recovery via Recovery Console.		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Security code/Encryption key, this user level will be able to proceed with the recovery via Recovery Console.		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Security code/Encryption key, this user level will be able to proceed with the recovery via Recovery Console.
Recovery Testing		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Security code/Encryption key, this user level will be able to proceed with the recovery via Recovery Console.				(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Security code/Encryption key, this user level will be able to proceed with the recovery via Recovery Console.
StandBy Image		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Security code/Encryption key, this user level will be able to proceed with the recovery via Recovery Console.				(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Security code/Encryption key, this user level will be able to proceed with the recovery via Recovery Console.
Recovery Locations
Managing backup profiles Feature available to resellers and end-customers only
Managing contact notes
Managing contacts Names of customer representatives and their contact details
Managing customers
Managing devices All features except for aQuick Installation and generating passphrases
Managing Microsoft 365 domains		(Note) Cannot delete services or delete account/site backup history	(Note) Cannot delete services or delete account/site backup history		(Note) Cannot delete services or delete account/site backup history		(Note) Cannot delete services or delete account/site backup history
Managing products
Managing security officers Flagging SuperUsers as Security Officers and removing the flag
Managing users All features except for managing security officers
Managing views
Sending remote commands to devices

Adding users

You can add new users for your own company and for your customers. Here are steps to follow:

1. In the vertical menu, click User management
2. Click Add user

   

3. Fill out the fields as fully as you can

   

4. Ensure that you check API Authentication if the user needs to be able to log in to the platform via an API call

If disabled, the user cannot log in to the platform via API. They will only be have access via the Web portal.

5. Ensure you check Security Officer if the user role if the user needs to be able to generate a passphrase
6. Click Add to apply the changes

The owner of the new user account will get an email notification with a password setup link.

Editing users

You can change any of the settings configured for a user except for the log-in name. Here is how to:

1. Click the pen icon next to the name of the user you want to edit
2. Edit the settings as required and click Save to apply

For extra security, users control password management. To change their password the user goes to Login to the Backup Console, selects Forgot password? then enters the their email address to Reset your password.

Where this email address corresponds to a user in the system, we send an email notification containing a link to reset their password.

API Authentication can be enabled and disabled for users after they have been added through the edit user functionality.

Removing users

Here is how to remove a user from the system:

1. Click the trashcan icon next to the name of the user
2. Confirm your intention to proceed

After a user is removed, it will not be possible to access the Console with the deleted user account. All people logged in under that account will be logged out within the next 15 minutes.

Managing security officers

The first SuperUser who logs in to the Console is immediately flagged as a security officer. Only security officers can manage other security officers including themselves.

To add a user with the security officer permissions, do the following:

1. Log in to the Management Console as a user with security officer permissions
2. Navigate to the User Management module
3. Click Add user
4. Set the user role to SuperUser, Administrator, Manager or Operator

   

5. Select the Security officer checkbox
6. Click Add

You can also grant or remove security officer permissions to existing SuperUsers if necessary (see Edit user dialogue).

Each customer of the reseller or end-customer level must have at least 1 security officer. You cannot delete the last security officer.

Single Sign-On

Users log into the Management Console through a Single Sign-On service.

Please visit N-Able Single Sign-On (SSO) in Management Console for further information.