Users/Administrators permissions using Roles & Groups
Roles
Roles represents permission in the VeridiumID system. Permissions might be linked to Admin console as well to permissions to use veridium product as user: to enroll and authenticate.
Roles are managed in Settings->Group & Roles->Roles:
Default roles are:
Name | Descriptions | Permissions |
|---|---|---|
active | The Active User Role | Default client access,Default user |
admin | The Admin User Role | Cross Application Administrators |
alerts | The Alerts Role. | Alerts administrators |
analyst | The Analyst Role | Analyze data |
appadmin | The Application Admin User Role | Application Administrators |
default | The Default User Role | Default user |
Default permissions are described in detail in the “Authentication, Authorization and Audit in Veridium Manager” section from this chapter.
Groups
Groups links one or several Roles together. Groups might be assigned to individual administrators as well as mapped to users identified by Active Directory group membership.
Groups can be found at Settings->Groups & Roles-> Groups
New group can be added by pressing on link Add Group Actions menu on right part of the page.
The following form will appear. Fill the following group properties:
Name
Description
Roles
Policies - Authentication policies are defined in chapter: Policy
Click Save button on top right corner to create a group.
Existing group can be modified by pressing on edit button icon in Actions column.:
The group parameters can be adjusted.
To map a group to Active Directory group go to Settings-> Admin auth -> Group mapping
In the group mapping administrator can set mapping between Active Directory group and Veridium group defined in the previous chapter.
Icons can be used to Edit or Delete Group Mapping between Active Directory and Veridium group.
Group deletion
Existing group can be deleted by pressing on delete icon in Actions column.
The confirmation message box will appear. You need to press Ok button.
