Application Roles
The following table provides an overview of Privilege Manager Application Roles.
In general, the Privilege ManagerUser role can view reports, but access may be dependent on each report and the viewing rights assigned to the user's account.
Privilege Manager Administrators
Summary: Can do anything
CRUD Users/ Groups |
View Reports | Run Tasks | Approve Approval Requests | Disclose Passwords | Modify Config, View Install Codes | Modify Policies, Filters, and LSS | View All Items | Upload Files | Create or Revoke Install Codes |
---|---|---|---|---|---|---|---|---|---|
yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Privilege Manager Field Engineering
Summary: Cannot do anything out of the box. Reserved for future use.
CRUD Users/ Groups |
View Reports | Run Tasks | Approve Approval Requests | Disclose Passwords | Modify Config, View Install Codes | Modify Policies, Filters, and LSS | View All Items | Upload Files | Create or Revoke Install Codes |
---|---|---|---|---|---|---|---|---|---|
Privilege Manager Helpdesk Users
Summary: This role has the least permissions. It can disclose passwords and manage approvals only.
CRUD Users/ Groups |
View Reports | Run Tasks | Approve Approval Requests | Disclose Passwords | Modify Config, View Install Codes | Modify Policies, Filters, and LSS | View All Items | Upload Files | Create or Revoke Install Codes |
---|---|---|---|---|---|---|---|---|---|
yes | yes |
Privilege Manager macOS Administrators
Summary: Can do anything an administrator can, but only for macOS policies and resource targets.
CRUD Users/ Groups |
View Reports | Run Tasks | Approve Approval Requests | Disclose Passwords | Modify Config, View Install Codes | Modify Policies, Filters, and LSS | View All Items | Upload Files | Create or Revoke Install Codes |
---|---|---|---|---|---|---|---|---|---|
yes (macOS) | yes | yes | yes | yes | yes | yes (macOS) | yes | yes | yes |
Privilege Manager Unix/Linux Administrators
Summary: Can do anything an administrator can, but only for Unix/Linux policies and resource targets.
CRUD Users/ Groups |
View Reports | Run Tasks | Approve Approval Requests | Disclose Passwords | Modify Config, View Install Codes | Modify Policies, Filters, and LSS | View All Items | Upload Files | Create or Revoke Install Codes |
---|---|---|---|---|---|---|---|---|---|
yes (Unix/ Linux) |
yes | yes | yes | yes | yes | yes (Unix/ Linux) |
yes | yes | yes |
Privilege Manager Users
Summary: This is a read only role that can view all items, disclose passwords, and manage approvals.
CRUD Users/ Groups |
View Reports | Run Tasks | Approve Approval Requests | Disclose Passwords | Modify Config, View Install Codes | Modify Policies, Filters, and LSS | View All Items | Upload Files | Create or Revoke Install Codes |
---|---|---|---|---|---|---|---|---|---|
yes | yes | yes | yes |
Privilege Manager View Password Role
Summary: Can only view current passwords and password change histories of managed users
CRUD Users/ Groups |
View Reports | Run Tasks | Approve Approval Requests | Disclose Passwords | Modify Config, View Install Codes | Modify Policies, Filters, and LSS | View All Items | Upload Files | Create or Revoke Install Codes |
---|---|---|---|---|---|---|---|---|---|
yes |
Privilege Manager Windows Administrators
Summary: Can do anything an administrator can, but only for Windows policies and resource targets
CRUD Users/ Groups |
View Reports | Run Tasks | Approve Approval Requests | Disclose Passwords | Modify Config, View Install Codes | Modify Policies, Filters, and LSS | View All Items | Upload Files | Create or Revoke Install Codes |
---|---|---|---|---|---|---|---|---|---|
yes (Win) | yes | yes | yes | yes | yes | yes (Win) | yes | yes | yes |