Cisco Cisco Content Security Management Appliance M1070 Guía Del Usuario
12-2
Cisco IronPort AsyncOS 8.0 for Security Management User Guide
Chapter 12 Distributing Administrative Tasks
Predefined User Roles
Except as noted, you can assign each user a predefined user role with the privileges described in the
following table, or a custom user role.
following table, or a custom user role.
Table 12-1
Descriptions of User Roles
User Role Name
Description
Web Reporting/
Scheduled
Reports
Reports
Capability
admin
The admin user is the default user account for the system and
has all administrative privileges. The admin user account is
listed here for convenience, but it cannot be assigned via a user
role, and it cannot be edited or deleted, aside from changing the
password.
has all administrative privileges. The admin user account is
listed here for convenience, but it cannot be assigned via a user
role, and it cannot be edited or deleted, aside from changing the
password.
Only the admin user can issue the resetconfig and revert
commands.
commands.
Yes/Yes
Administrator
User accounts with the Administrator role have full access to all
configuration settings of the system.
configuration settings of the system.
Yes/Yes
Operator
User accounts with the Operator role are restricted from:
•
Creating or editing user accounts
•
Upgrading the appliance
•
Issuing the
resetconfig
command
•
Running the System Setup Wizard
•
Modifying LDAP server profile settings other than
username and password, if LDAP is enabled for external
authentication.
username and password, if LDAP is enabled for external
authentication.
Otherwise, they have the same privileges as the Administrator
role.
role.
Yes/Yes
Technician
User accounts with the Technician role can initiate system
administration activities such as upgrades and reboots, save a
configuration file from the appliance, manage feature keys, and
so forth.
administration activities such as upgrades and reboots, save a
configuration file from the appliance, manage feature keys, and
so forth.
Access to the
System
Capacity report
under the Email
tab
System
Capacity report
under the Email
tab
Read-Only Operator
User accounts with the Read-Only Operator role have access to
view configuration information. Users with the Read-Only
Operator role can make and submit most changes to see how to
configure a feature, but they cannot commit them or make any
change that does not require a commit. Users with this role can
manage messages in the spam quarantine, if access is enabled.
Users with this role cannot access the file system, FTP, or SCP.
view configuration information. Users with the Read-Only
Operator role can make and submit most changes to see how to
configure a feature, but they cannot commit them or make any
change that does not require a commit. Users with this role can
manage messages in the spam quarantine, if access is enabled.
Users with this role cannot access the file system, FTP, or SCP.
Yes/No