Adding Administrators

Super Administrators can use the Delegated Administration > Edit Role > Add Administrators page to specify which individuals are administrators for a role.

Note: Administrators can be added to multiple roles. These administrators must choose a role during logon. In this situation, the administrator receives the combined reporting permissions for all roles.

Delegated administrators have significant control over the Internet activities of their managed clients. To ensure that this control is handled responsibly and in accordance with your organization’s acceptable use policies, Super Administrators should use the Audit Log page to monitor changes made by administrators. See Viewing and exporting the audit log.

Steps

  1. If you plan to assign network accounts as delegated administrators, make sure you are logged on to the Policy Server whose Settings > General > Directory Service configuration (see Connecting web protection software to a directory service) matches the Global Settings > User Directory configuration.

    If you are adding only local accounts as administrators, you can be logged on to any Policy Server.

  2. Under Local Accounts, mark the check box for one or more users, and then click the right arrow button to move the highlighted users to the Selected list.
  3. Under Network Accounts, mark the check box for one or more users, and then click the right arrow (>) button to move them to the Selected list.
    Note: Custom LDAP groups cannot be added as administrators.
  4. Set the Permissions for administrators in this role.
    Option Description
    Administrator: Policy Management Let administrators in this role apply policies to their managed clients. This also grants access to certain web protection configuration settings.
    Administrator: Reporting Grant administrators access to reporting tools. Use the Edit Role page to set the specific reporting features permitted.
    Administrator: Real-Time Monitor Allow administrators to monitor Internet traffic in real time. See Real-Time Monitor.
    Auditor Give the administrator access to view all features available to other administrators in the role, without the ability to save changes.
  5. When you are finished making changes, click OK to return to the Edit Role page.
  6. Click OK on the Edit Role page to cache your changes. Changes are not implemented until you click Save and Deploy.