Managing Appliance Users

Describes the appliance users

Only authorized users can access the Appliances. These users are system users and LDAP administrative users. The roles of these users are explained in detail in the following sections.

Appliance Users

The root and local_admin users are appliance system users. These users are initialized during installation.

root and local_admin

As the root user, you may be asked to provide the root account password to log in to some CLI Manager tools, for example, the Change Accounts and Passwords tool or the Configure SSH tool.

The root account is used to exit the appliance command line interface and go directly into the host operating system command line. This gives the system administrator full control over the machine.

The local_admin account is necessary for LDAP maintenance when LDAP is not working or is not accessible.

LDAP Users

The admin and viewer user accounts are LDAP users that are initialized during installation.

For more information about users, refer here.

admin and viewer Accounts

The admin and viewer accounts are used to log on to CLI Manager or the Appliance Web UI. These user accounts can be modified using:

  • CLI Manager; for instructions, refer to the section Accounts and Passwords.
  • Web UI, where these accounts are part of the LDAP.
  • Policy management.

When these passwords are changed in the CLI Manager or Appliance Web UI, the change applies to all other installed components, thus synchronizing the passwords automatically.

LDAP Target Users

When you have your appliance installed and configured, you can create LDAP users and assign necessary permissions to these users. You can also create groups of users. The system users are by default predefined in the internal LDAP directory.

For more information about creating users in LDAP and defining their security permissions, refer here.

System Roles

Protegrity Data Security Platform role-based access defines a list of roles, including a list of operations that a role can perform. Each user is assigned to one or more roles. User-based access defines a user to whom the operations are granted. There are several predefined roles on ESA.

The following table describes these roles.

| Role | Is used by… |
|---|---|
| root user | The OS system administrator who maintains the Appliance machine, which could be ESA or DSG. |
| admin user | The user who specifically manages the creation of roles and members in the LDAP directory. This user could also be the DBA, System Administrator, Programmer, and others. This user is responsible for installing, integrating, or monitoring Protegrity platform components into their corporate infrastructure for the purpose of implementing the Protegrity-based data protection solution. |
| viewer user | Personnel who can only view and not create or make changes. |