Managing user accounts individually
Use this method to add local user accounts or Active Directory accounts. To set up an Active Directory integration, refer to this topic.
You can create, edit and delete user accounts individually from the Accounts page in the Control Center.
Dependencies
Locally created accounts can delete accounts created through Active Directory integration regardless of their role.
Locally created accounts cannot delete similar account regardless of their role.
Create a user account
Before creating a user account, make sure you have the required email address at hand. The user will receive the GravityZone login details at the supplied email address.
To add a user account in Control Center:
Log in to the GravityZone console.
Go to the Accounts page.
Click the Add account button in the upper left side of the page.
A configuration window will be displayed.
Under the Details section, fill in the following details:
Import from Active Directory - click Synchronize to import users from your Active Directory database.
Note
This option is visible only if Active Directory integration exists.
Username - the username of the account used to log in to Control Center.
Email - the user's email address.
Note
The email address must be unique.
Reports and important security notifications are sent to this address. Email notifications are sent automatically whenever important risk conditions are detected in the network.
Full name - the full name of the account owner.
Password - the password that the user logs in with.
Important
The password must be at least twelve characters long and must contain at least one upper case character, one lower case character, one digit, and one special character.
Confirm password - type in the password again.
Timezone - select the timezone of the account. The console will display time information according to the selected timezone.
Language - select the console display language.
Under the Role privileges section, configure the following settings:
Role - select the role you want to assign to the user. The role determines what rights the user will have.
Note
For more information on user roles, refer to User Roles.
Rights - select what rights you want the user to have.
Each user role has a predefined configuration of rights. You can assign the user a specific combination of rights by selecting Custom under Role.
Note
For more information on user rights, refer to User rights.
Under Select Targets, select the network groups the user will have access to for each available security service. You can restrict the user access to a certain GravityZone security service or to specific areas of the network.
Note
The target selection options will not be displayed for users with Manage Solution right, which, by default, have privileges over the entire network and security services.
Important
Whenever you make changes to your network structure, or when setting up a new integration with another vCenter Server or XenServer system, remember to also review and update access privileges for existing users.
Click Create to add the user.
Control Center automatically sends the user an email with the login details, provided the mail server settings have been properly configured. For more details regarding the mail server configuration, refer to Configure Control Center settings.
The new account will appear in the user accounts list.
Editing a user account
To edit user account in Control Center :
Log in to Control Center.
Go to the Accounts page.
Click the Username.
Change user account details and settings as needed.
Note
Under Login Security, you can view the status of the two-factor authentication (2FA) setting. This option is either enforced company-wide , or the users can set it themselves.
Click Save to apply the changes.
Note
All accounts with the Manage Users right can create, edit and delete other user accounts. You can only manage accounts with equal or fewer privileges as your own account.
Accounts created using AD integration can not delete or edit accounts created from GravityZone.
Deleting a user account
Log in to Control Center.
Go to the Accounts page.
Select the user account from the list.
Click the Delete button at the upper side of the table.
Click Delete to confirm.