User Management in Management Console

Users (or user accounts) are required for access to the Management Console and other Cloud services.

• There are several user roles to choose from. They make it possible to differentiate access to data and features within a company.
• Customers can have an unlimited number of users.

User roles

The following user roles are available:

• SuperUser
• Administrator
• Manager
• Operator
• Supporter

Security Officer is an additional permission setting which can be applied to certain roles to provide additional access to generate a passphrase:

• SuperUser
• Administrator
• Manager
• Operator

For details about what actions each user role can perform, see User Role Permissions .

Role Permissions

Please see the table below for access permissions available to each of the roles.

Key

The following icons indicate availability:

Key	Status	Description
	Available	Is available for all
	Limited Availability	Is available for with limitations (see Note for additional information)
	Read Only	Is available in read only mode
	Not Available	Is not available

Device Management

Task	SuperUser with security officer	SuperUser	Administrator with security officer	Administrator	Manager with security officer	Manager	Operator with security officer	Operator	Supporter
Adding devices					(Note) Self-managed installation only	(Note) Self-managed installation only
Managing devices All features except adding devices and generating passphrases
Managing Microsoft 365 domains		(Note) Cannot delete services or delete account/site backup history	(Note) Cannot delete services or delete account/site backup history		(Note) Cannot delete services or delete account/site backup history		(Note) Cannot delete services or delete account/site backup history
Managing views
Export of monthly device statistics
Generating passphrases Passphrases are used instead of Encryption Key/Security Code during the re-installation of automatically deployed devices, for the cleanup of backup data sources and for the addition of devices to the Recovery Console.
Sending remote commands to devices
Launching backup devices remotely

Continuity

Task	SuperUser with security officer	SuperUser	Administrator with security officer	Administrator	Manager with security officer	Manager	Operator with security officer	Operator	Supporter
Recovering data in Backup Manager
Recovering data in Recovery Console		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Encryption Key/Security Code, this user level will be able to proceed with the recovery via Recovery Console.		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Encryption Key/Security Code, this user level will be able to proceed with the recovery via Recovery Console.		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Encryption Key/Security Code, this user level will be able to proceed with the recovery via Recovery Console.		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Encryption Key/Security Code, this user level will be able to proceed with the recovery via Recovery Console.
Recovery Testing		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Encryption Key/Security Code, this user level will be able to proceed with the recovery via Recovery Console.				(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Encryption Key/Security Code, this user level will be able to proceed with the recovery via Recovery Console.
StandBy Image		(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Encryption Key/Security Code, this user level will be able to proceed with the recovery via Recovery Console.				(Note) If the device uses Passphrase-based encryption, this user level does not have access to generate these and so will not be able to add the device to the Recovery Console. If the device uses a Encryption Key/Security Code, this user level will be able to proceed with the recovery via Recovery Console.
Recovery Locations

Miscellaneous

Task	SuperUser with security officer	SuperUser	Administrator with security officer	Administrator	Manager with security officer	Manager	Operator with security officer	Operator	Supporter
Managing backup profiles Feature available to Resellers and end-customers only
Managing contact notes
Managing contacts Names of customer representatives and their contact details
Managing customers
Managing notifications
Managing retention policies
Managing users All features except for managing security officers
Managing API users
Managing security officers Flagging SuperUsers as Security Officers and removing the flag

Managing security officers

The first SuperUser who logs in to the Console is immediately flagged as a security officer. Only security officers can manage other security officers including themselves.

To add a user with the security officer permissions, do the following:

1. Log in to the Management Console as a user with security officer permissions
2. Navigate to the User Management module
3. Click Add user
4. Set the user role to SuperUser, Administrator, Manager or Operator

   

5. Select the Security officer checkbox
6. Click Add

You can also grant or remove security officer permissions to existing SuperUsers if necessary (see Edit user dialogue).

Each customer of the Reseller or End Customer level must have at least 1 security officer. You cannot delete the last security officer.

Single Sign-On

Users log into the Management Console through a Single Sign-On service.

Please visit N-able Login in Management Console for further information.