Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
32-2
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 32 Distributing Administrative Tasks
Working with User Accounts
User Roles
Table 32-1
User Roles Listing
User Role
Description
admin
The
admin
user is the default user account for the system and has all
administrative privileges. The admin user account is listed here for
convenience, but it cannot be assigned via a user role, and it cannot be edited
or deleted, aside from changing the password.
convenience, but it cannot be assigned via a user role, and it cannot be edited
or deleted, aside from changing the password.
Only the
admin
user can issue the
resetconfig
and
revert
commands.
Administrator
User accounts with the Administrator role have full access to all
configuration settings of the system. However, only the admin user has
access to the
configuration settings of the system. However, only the admin user has
access to the
resetconfig
and
revert
commands.
Note
AsyncOS does not support multiple administrators configuring the
Email Security appliance from the GUI simultaneously.
Email Security appliance from the GUI simultaneously.
Technician
User accounts with the Technician role can perform system upgrades, reboot
the appliance, and manage feature keys. Technicians can also perform the
following actions in order to upgrade the appliance:
the appliance, and manage feature keys. Technicians can also perform the
following actions in order to upgrade the appliance:
•
Suspend email delivery and receiving.
•
View status of workqueue and listeners.
•
Save and email configuration files.
•
Back up safelists and blocklists. Technicians cannot restore these lists.
•
Disconnect the appliance from a cluster.
•
Enable or disable remote service access for Cisco technical support.
•
Raise a support request.
Operator
User accounts with the Operator role are restricted from:
•
Creating or editing user accounts.
•
Issuing the
resetconfig
command.
•
Upgrading the appliance.
•
Issuing the
systemsetup
command or running the System Setup
Wizard.
•
Issuing the
adminaccessconfig
command.
•
Performing some quarantine functions (including creating, editing,
deleting, and centralizing quarantines).
deleting, and centralizing quarantines).
•
Modifying LDAP server profile settings other than username and
password, if LDAP is enabled for external authentication.
password, if LDAP is enabled for external authentication.
Otherwise, they have the same privileges as the Administrator role.
Guest
Users accounts with the Guest role can only view status information and
reports. Users with the Guest role can also manage messages in quarantines,
if access is enabled in a quarantine. Users with the Guest role cannot access
Message Tracking.
reports. Users with the Guest role can also manage messages in quarantines,
if access is enabled in a quarantine. Users with the Guest role cannot access
Message Tracking.