Cisco Cisco Firepower Management Center 4000
48-63
FireSIGHT System User Guide
Chapter 48 Managing Users
Managing User Role Escalation
The User Management page appears.
Step 2
Click
User Roles
.
The User Roles page appears.
Step 3
Click
Configure Permission Escalation
.
The Configure Permission Escalation dialog box appears.
Step 4
Select a user role from the drop-down list.
Step 5
Click
OK
to save your changes.
Your changes are saved and the User Roles page appears.
Note
Changing the escalation target role is effective immediately. Users in escalated sessions now
have the permissions of the new escalation target.
have the permissions of the new escalation target.
Configuring a Custom User Role for Escalation
License:
Any
To use the user role escalation feature, you must first configure a custom user role with the escalation
permission, select its escalation password, and assign that role to a user. For more information, see
permission, select its escalation password, and assign that role to a user. For more information, see
Consider the needs of your organization when you configure the escalation password for a custom role.
If you want to easily manage many escalating users, you may want to select another user whose password
serves as the escalation password. If you change that user’s password or deactivate that user, all
escalating users who require that password are affected. This allows you to manage user role escalation
more efficiently, especially if you select an externally authenticated user that you can manage centrally.
If you want to easily manage many escalating users, you may want to select another user whose password
serves as the escalation password. If you change that user’s password or deactivate that user, all
escalating users who require that password are affected. This allows you to manage user role escalation
more efficiently, especially if you select an externally authenticated user that you can manage centrally.
To configure a custom user role for escalation:
Access:
Admin
Step 1
Select
System > Local > User Management
.
The User Management page appears.
Step 2
Click
User Roles
.
The User Roles page appears.
Step 3
Click
Create User Role
to create a new custom user role, or the edit icon (
) next to an existing custom
user role.
The User Role Editor page appears.
Step 4
Choose a name, description and menu-based permissions for the custom user role.
For more information, see the procedure in
.
Step 5
In System Permissions, select the
Set this role to escalate to:
check box.
The escalation password options appear.
Step 6
Select the password that this role uses to escalate. You have two options: