Cisco Cisco FirePOWER Appliance 7115
Version 5.3
Sourcefire 3D System User Guide
1988
Managing Users
Managing User Accounts
Chapter 46
Modifying User Privileges and Options
L
ICENSE
: Any
After adding user accounts to the system, you can modify access privileges,
account options, or passwords at any time. Note that password management
options do not apply to users who authenticate to an external directory server.
You manage those settings on the external server. However, you must configure
access rights for all accounts, including those that are externally authenticated.
For externally authenticated users, you cannot remove the minimum access
For externally authenticated users, you cannot remove the minimum access
rights through the Sourcefire 3D System user management page for users
assigned an access role because of LDAP group or RADIUS list membership or
attribute values. You can, however, assign additional rights. When you modify the
access rights for an externally authenticated user, the Authentication Method
column on the User Management page provides a status of External - Locally
Modified.
Note that if you change the authentication for a user from externally authenticated
Note that if you change the authentication for a user from externally authenticated
to internally authenticated, you must supply a new password for the user.
To modify user account privileges:
A
CCESS
: Admin
1. Select System > Local > User Management.
The User Management page appears.
2. Click the edit icon (
) next to the user you want to modify.
The Edit User page appears.
3. Modify the account or accounts as needed:
•
See
for a description of how users can be authenticated through external
servers.
•
See
on page 1979 for information on
changing password settings for internally authenticated users.
•
See
on page 1981 for more information on
configuring roles to grant access for Sourcefire 3D System functions.
Understanding Restricted User Access Properties
L
ICENSE
: Any
You can restrict the data that a user role can view in the event viewer by applying
a restricted search to that role. You can specify this information when creating or
editing the role assigned to a user. To create a custom role with restricted access,
you must choose the tables you want to restrict from the Menu Based
Permissions list, then select private saved searches from the Restrictive Search
drop-down lists. For more information, see