Learn about managing all aspects of user accounts including managing two-factor authentication.

This does not include Zone Management. For details about managing users and their zone assignments from the Setup and Configuration page, see Global Zone Management.

Prerequisites: You have Zone Administrator privileges. Refer to Roles and Permissions.

Note: The default session timeout before a user must login again is 30 minutes.

Accessing the User Accounts page

To access User Accounts, open the Settings menu in the upper-right corner of the console. Click Users.

The following options are available:

  • Add users to the zone and define their permissions.

  • View details about a user account.

  • Export a CSV file containing details about the chosen users.

  • Remove existing users from a zone.

  • Manage two-factor authentication settings for users. Note: If SSO is enabled, this option is not available.

settings-users.png

Adding a User Account

You can add a new user from the User Accounts page.

Prerequisites: You must have the required administrative permissions. For details see Roles and Permissions.

  1. Click Add User.

  2. In the Add User window, enter the email address for the new user.

  3. Select a role for the new user. You can select from these RBAC or role-based access controls:

    • Zone Administrator: This user can control all aspects of the Automox console for this zone. For zones with a plan that includes remote control, this role can access devices with remote control.

    • Zone Operator: This user can create, read, modify, and delete all policies and groups. For zones with a plan that includes remote control, this role can access devices with remote control.

    • Patch Operator: This user can create, modify, and delete patch policies. They do not have permission to create or modify a worklet or a required software policy. They can view and run any policy type. They can modify and read groups, however, they cannot associate or disassociate groups with worklets or required software policies.

    • Read Only: This user only has read access rights.

    • Billing Administrator: You must have this role to modify billing settings for your organization.

    • Helpdesk Operator: This user has full read rights in addition to the ability to conduct remote control sessions.

  4. Click Send Invitation.

Note:

  • A user who is new to the account receives an email invitation from Automox Support that includes a link to create the account.

  • An existing user to the account does not receive an email.

Viewing User Accounts

The following information is available from the User Accounts page. The columns are not necessarily all shown by default. The columns are sortable.

  • Email address

  • First name

  • Last name

  • RBAC role

  • 2FA

  • User ID (hidden by default)

Showing All Columns of Data

The default setting of the User Accounts table does not show all available columns. You can show more data or rearrange how the columns are presented.

  • Click the Columns button and select the checkboxes to show or hide columns.

  • You can rearrange the order of the data by dragging the columns to the desired position.

Viewing Details for a User Account

You can view user account information for each user and modify the user role.

Note: You must have the required administrative permissions to change the user role for other user accounts within the zone.

  1. From the User Accounts page, click the email address of the user you want to view account information for.

  2. In the User Account Info dialog box, you can change the user role.

  3. You change the user role from the Role drop-down menu. Select a new user role for the account and click Update Account. For details about user roles, see Adding a User Account.

Viewing Actions

Click the Actions button to select from the following options. These are described in the following sections.

  • Export User

  • Remove User

  • Reset 2FA

Exporting User Account Details

You can export a CSV list of account details for a user or multiple users in your zone.

  1. From the User Accounts page, select the user(s) you want to export information for.

  2. Click Actions → Export User.

  3. In the Export Users dialog box, select the data to be exported or clear the checkbox to not include that information. The following data can be exported:

    • User ID

    • Email Address

    • First Name

    • Last Name

    • RBAC Role

    • 2FA

  4. Click Export User.

A CSV file is downloaded with the information you have selected.

Removing a User Account

You can remove a user from your zone.

Note: It is not possible to remove a Global Administrator.

  1. From the User Accounts page, select the checkbox for the user you want to remove.

  2. Click Actions → Remove User.

  3. In the Remove User window, click Remove to confirm.

Resetting Two-factor Authentication (2FA)

You can reset two-factor authentication for a user or multiple users. This could be necessary in the case that 2FA for mobile was enabled and the mobile device used for verification was lost.

Note: This option is not available when SAML single sign-on (SSO) is enabled. SSO must be disabled for the organization to be able to reset 2FA.

Resetting 2FA for a user defaults them to verification through email. See Security for more information.

  1. From the User Accounts page, select the checkbox for the user(s) you want to reset 2FA for.

  2. Click Actions → Reset 2FA.

  3. Click Reset User.

Related Topics

Was this article helpful?
0 out of 0 found this helpful