Online Help > Management > Security Online Help

User Management

2019-08-08

Description

 

BadgeNotice48x48

In order to create users and assign rights, you must be administrator of not only Devolutions Password Server, but also of the underlying database.

 

The Users Management is available from Administration - Users within Remote Desktop Manager or on the toolbar of the Devolutions Password Server Console. Users management allows you to create, and manage users and their permissions.Devolutions Password Server offers advanced user rights management that allows for restricting access to entries. Please note that some features availability depends on the active data source.

 

Manage Users in Devolutions Password Server Console

Manage Users in Devolutions Password Server Console

 

Manage Users in Remote Desktop Manager

Manage Users in Remote Desktop Manager

 

Users management dialog

Users management dialog

 

Settings

Create users

To create a new user in your data source click on Add User.

 

User Management - Add User

User Management - Add User

 

User Management Settings

General

User Management - General

User Management - General

 

OPTION

DESCRIPTION

Authentication type

Select the user's authentication type:

Custom (Devolutions): create a user specific to Devolutions Password Server without creating an SQL login.

Domain : authenticate using the Active Directory user account.

Database (SQL Server): authenticate using the SQL login from your SQL Server.

Login

Enter the login name for the user.

Password

Enter the user's Password. This field is only enable using Custom (Devolutions).

User type

Select the type of user to create: Select between:

Administrator: grant full administrative rights to the user.

Read only user: grant only the view access to the user.

Restricted user: select which rights to grant to the user.

User: grant all basic rights to the user (Add, Edit, Delete).

Full name

Displays the First name and Last name of the Information tab.

Email

Insert the user's email address.

 

Information

The Information section allows for storing information regarding the users, such as their name, address, and more. The Information section is divided in three sub-sections: Details, Address, Phone.

 

User Management - Information

User Management - Information

 

Two-Factor

The Two-Factor section allows to configure one of the 2 Factor Authentication method. For more information, please consult the 2-Factor Authentication topic.

 

User Management - Two-Factor

User Management - Two-Factor

 

Roles

Select roles to assign to the user.

 

User Management - Roles

User Management - Roles

 

OPTION

DESCRIPTION

Roles

Check the Is Member box to assign the role to the user. Consult Role Management topic for more information.

 

Privileges

User Management - Privileges

User Management - Privileges

 

OPTION

DESCRIPTION

Allow reveal password in Properties

Allows the user to use the Reveal Password command.

Allow drag-and-drop

Allows the user to move the sessions using drag-and-drop from other applications.

View session details

Allows the user to see the content of the Details tab for all sessions.

View information section

Allows the user to see the content of the Information tab for all sessions.

Activity logs

Allows the user to see the content of the Logs that applies to a session.

Import

Allows the user to Import sessions (Clipboard - Paste as well).

The import menu (File - Import) and the import feature in the context menu will be grayed out if the option is not active.

Export

Allows the user to Export sessions (Clipboard - Copy as well).

The export menu (File - Export) and the export feature in the context menu will be grayed out if the option is not active.

 

Security Groups

The Permissions section manages permissions with Security Groups.

For more information on this section, please consult the Permissions topic.

 

User Management - Security Groups

User Management - Security Groups

 

Repositories

Select which repositories the user has access to.

For more information, please consult the Repositories topic.

 

User Management - Repositories

User Management - Repositories

 

Application Access

Select which application the user will be allowed to use.

 

User Management - Application Access

User Management - Application Access

 

OPTION

DESCRIPTION

Remote Desktop Manager

Allows the user to connect to Devolutions Password Server instance using Remote Desktop Manager application.

Devolutions Web Login

Allows the user to connect to Devolutions Password Server instance using Devolutions Web Login browser extension.

 

Email Notifications

Email Notifications are used to send email notifications to specific users. These notifications include any activities on sessions, security groups, roles, users, etc.

 

User Management - Email Notifications

User Management - Email Notifications

 

OPTION

DESCRIPTION

Connection opened

If enabled, will send notification to the user when connection is opened.

System Settings changed

If enabled, will send notification to the user about modifications in the System Settings.

Entries

If enabled, will send notification to the user about modifications on Entries. It could be set on specific operation (Add, Edit and/or Delete).

Repository

Allows the user to see the content of the Information tab for all sessions.

Roles

If enabled, will send notification to the user about modifications on Roles. It could be set on specific operation (Add, Edit and/or Delete).

Security Groups

If enabled, will send notification to the user about modifications on Security Groups. It could be set on specific operation (Add, Edit and/or Delete).

Tasks

If enabled, will send notification to the user about modifications on Tasks. It could be set on specific operation (Add, Edit and/or Delete).

Users

If enabled, will send notification to the user about modifications on Users. It could be set on specific operation (Add, Edit and/or Delete).

Users

If enabled, the current user can receive email notifications when a specific user account has been added, edited or deleted.

Users Locked Out

If enabled, will send notification when a user is locked.

Entry expiring

If enabled, will send a notification to the user that contains a list of entries that will soon expire (next 30, 15 and/or 5 days).

 

Settings

User Management - Settings

User Management - Settings

 

Allow the user to enable the Offline Mode on the data sources. This also depends on the data source being configured to allow it. There are 4 modes available:

 

OPTION

DESCRIPTION

Disabled

No offline cache allowed for the user.

Cache only

Allow to save a cache of the data source but not the offline mode.

Read-only

A read-only cache. The user will not be able to edit data in the data source. This mode is allowed for Advanced Data Sources only.

Read/Write

An advanced cache, with change synchronization. This mode is allowed for Advanced Data Sources only.