Customizing Administrator Roles
  • 4 Minutes to read
  • PDF

Customizing Administrator Roles

  • PDF

Article summary

By default, CTERA Portal includes built-in roles for administrators. CTERA Portal includes the following roles for global administrators:
Compliance Officer – The administrator can manage CTERA Vault on folders. For details, see Folder (WORM) Compliance: CTERA Vault.
Read/Write Administrator – The administrator has read/write permissions throughout the portal.
Read Only Administrator – The administrator has read-only permissions throughout the portal.
Support – The administrator has read/write access to devices, user accounts, folders, and folder groups, and read-only access to all other settings in the portal.

You can customize these roles by adding or removing permissions.

To customize an administrator role:

  1. In the global administration view, select Settings in the navigation pane.
    The Control Panel page is displayed.
    image.png

  2. Select User Roles, under USERS in the Control Panel page.
    The Roles window is displayed.
    image.png

  3. Either click a role or select a role's row and click Edit.
    The Edit Role window is displayed.
    image.png

  4. Check the permissions you want to include in the role, and uncheck those that you don't want to include.

    Note

    The permissions that can be included are role dependent.

    Super User – Allow all the permissions.
    Access End User Folders – Allow administrators to access and modify end user files and folders. If this option is not selected, and an administrator with this role attempts to access an end user's folder, the administrator will be prompted to enter the folder owner’s password.

    • Allow Files/Folders Permanent Deletion – Allow administrators to permanently delete end user files, folders and backups. Permanent deletion means that the file is not saved for the amount of time specified for the The numbers of days to keep deleted files value in the snapshot retention policy, but it and all versions saved in previous snapshots are deleted as well as the version on all devices.

    Manage Cloud Folders – Allow administrators to manage cloud folders. Without this permission, an administrator only has read/write access to:

    • Folders to which he is the owner.
    • Folders that are owned by someone in a user group the administrator belongs to.
    • Folders to which the administrator has collaboration permissions.

    For all other projects, backup folders and personal folder objects, the administrator has read-only access. Also, without this permission, the administrator cannot approve or reject a team project folder request, as described in Approving Or Rejecting a Team Project Folder.

    Note

    A Read/Write Administrator with both Access End User Folders and Manage Cloud Folders roles can also share the end user cloud folders.

    Manage Compliance Settings – Allow administrators to manage compliance settings for cloud folders. For details, see Folder (WORM) Compliance: CTERA Vault.

    Note

    The Compliance Officer role has this value set by default.

    Manage Users – Allow administrators to edit user emails and passwords and add, edit, and delete users.

    • Modify User Email – Allow administrators to modify the email addresses associated with user accounts.
    • Modify User Password – Allow administrators to modify the passwords associated with user accounts.

    Manage Plans – Allow administrators to add, edit, delete, assign, set defaults, and remove default plans.
    Modify Virtual Portal Settings – Allow administrators to modify virtual portal settings. This option is selected by default and cannot be modified.
    Modify Roles – Allow administrators to modify administrator roles.
    Allow Single Sign On to Devices – Allow administrators to remotely manage devices for which Remote Access with single sign on (SSO) is enabled, without entering the username and password for accessing the device.
    Allow Remote Wipe for Devices – Allow administrators to perform remote wipe of CTERA Mobile devices.
    Allow Seeding Export – Allow administrators to perform seeding export.
    Allow Seeding Import – Allow administrators to perform seeding import.
    Manage Log Settings – Allow administrators to access the log settings.

  5. Click SAVE.

Permissions Per Administrator Role

The different administrator roles have different permissions.

PermissionCompliance OfficeRead/Write AdministratorRead Only AdministratorSupport
Super UserNoYes (Default is No)NoNo
Access End User FoldersYesYesYesYes (Default is No)
Allow Files/Folders Permanent DeletionYesYes (Default is No)NoNo
Manage Cloud FoldersYesYesNoYes
Manage Compliance SettingsYesYes (Default is No)NoNo
Manage UsersYesYesNoYes
Modify User EmailYesYesNoYes
Modify User PasswordYesYesNoYes
Manage PlansYesYesNoYes
Modify Virtual Portal SettingsYesYes (Cannot change)NoYes (Default is No)
Modify RolesYesYesNoYes (Default is No)
Allow Single Sign On to DevicesYes (Default is No)Yes (Default is No)Yes (Default is No)Yes (Default is No)
Allow Remote Wipe for DevicesYesYesYes (Default is No)Yes (Default is No)
Allow Seeding ExportYesYesYes (Default is No)Yes
Allow Seeding ImportYesYesYes (Default is No)Yes
Manage Log SettingsYesYesNoYes (Default is No)

Was this article helpful?