FSProtect
  • Introduction
    • FSProtect - Active Directory Security Assessment
    • Glossary
    • Architecture
    • Requirements
    • Installation
    • Update
  • Scans
    • New Scan
    • Scans
    • Policies
  • Dashboard
  • Trend Insights
  • Issues
  • Impacts
  • Attack Surface
    • Forests
    • Domains
    • Computers
    • Users
    • Groups
    • GPOs
    • OUs
    • MSAs
    • GMSAs
    • Local Users
    • Local Groups
    • Certificate Authorities
    • Certificate Templates
    • CA Certificates
  • GPO Audit
    • GPO Comparison
    • RSoP Comparison
    • Custom Baselines
  • Integrations
    • CyberArk
    • Mail
    • Jira
  • Search & Reports
    • Domain
    • Computer
    • User
    • Group
    • GPO
    • OU
    • ManagedServiceAccount
    • GroupManagedServiceAccount
    • LocalUser
    • LocalGroup
    • CertificateAuthority
    • CertificateTemplate
    • CACertificate
    • SPN
    • SmbShare
  • Health Check
  • Visualize
  • Settings
    • User Settings
    • LDAP Authentication Settings
    • Roles and Permissions
    • Token Expiration Settings
  • Share Audit
    • Summary
    • Secrets
    • Settings
Powered by GitBook
On this page
  • View roles and permissions
  • Create new role
  • Assign permissions to a role
  • Delete a role
  • Select/Deselect all permissions
  • Expand/Collapse permission groups

Was this helpful?

  1. Settings

Roles and Permissions

PreviousLDAP Authentication SettingsNextToken Expiration Settings

Last updated 8 months ago

Was this helpful?

The "Roles and Permissions" page provides users with comprehensive control over role management within the system. This page can be accessed from the Settings menu if the user has the required permissions.

View roles and permissions

Users who have the necessary permission can access a detailed overview of all existing roles and their associated permissions within the system. This feature enables users to gain insights into the current role structure and permissions distribution.

Create new role

With appropriate permissions, users can create new roles seamlessly. By selecting the "New Role" button, users initiate the creation process, which prompts a form where they can specify the name of the new role and save it accordingly.

Assign permissions to a role

Users who have necessary permissions can assign permissions to a role by subsequently checking the corresponding boxes next to the desired permissions within the Permissions Table. Once selections are made, users can save their changes effortlessly.

Delete a role

For roles that are editable, users can opt to delete them as necessary. This action is facilitated by clicking on the trash icon adjacent to the role in the Roles Table. Upon initiation, a confirmation window appears, allowing users to confirm or cancel the deletion process.

Select/Deselect all permissions

To expedite permission management, users can opt to select or deselect all permissions associated with a role simultaneously. This streamlined functionality is accessible through the "Select All" or "Deselect All" options, providing users with greater efficiency in managing permissions.

Expand/Collapse permission groups

Users have the flexibility to expand or collapse groups of permissions effortlessly. By clicking on the parent permission name, users can toggle the visibility of permission groups, enhancing the organization and accessibility of permission settings.

After a user successfully creates a role with an appropriate set of permissions, the role can be assigned to an access control entry on the LDAP configuration page to restrict user actions.

The image below depicts the user logged in with the DN in the example, observing the user interface.

Dashboard
Roles and Permissions control page
Create role modal
Permissions of role named Auditor
LDAP configuration page shows defining an access control entry for the role created
FSProtect UI an Auditor sees