During installation, you added user accounts to the Change Auditor security groups (ChangeAuditor Administrators - <InstallationName> and ChangeAuditor Operators - <InstallationName>). These security groups are automatically added as members of the appropriate role (Administrator Role and Operator Role). If applicable, during the web client installation, you may have also added user accounts to the ChangeAuditor Web Shared Overview Users security group. This additional security group is added as a member to the Web Client Shared Overviews role.
Using the AD Protection role and task, administrators can specify who is authorized to view protection definitions for Active Directory and Group Policy objects. Using the Restore Value task, administrators can enable and disable the ability to restore values when viewing events in the Event Details pane. See the Quest Change Auditor for Active Directory User Guide for information on restricting access to specific domains and organizational units and restoring values.
The Application User Interface Authorization page is displayed when Application User Interface is selected from the Configuration task list in the navigation pane of the Administration Tasks tab.
The Application User Interface Authorization page contains an expandable view of the role and task definitions which define role-based access. To add a role or task, use the appropriate Add tool bar command: Add | Add Role Definition or Add | Add Task Definition.
Once added, the following information is provided for each definition:
• |
• |
• |
• |
A task is a collection of operations and sometimes lower-level tasks that can be performed.
1 |
Open the Administration Tasks tab and click Configuration. |
2 |
Select Application User Interface in the Configuration task list to open the Application User Interface Authorization page. |
3 |
• |
To add a lower-level task, click Add Task and select a task from the Authorizations: Task Definitions dialog. |
• |
To add an operation, click Add Operation and select one or more operations from the Authorizations: Operations dialog. |
6 |
Click OK to save your new task definition and close the Authorizations: Task dialog. |
2 |
Select Add | Add Role Definition. |
• |
To add a role, click Add Role and select a role from the Authorizations: Role Definitions dialog. |
• |
To add a task, click Add Task and select a task from the Authorizations: Task Definitions dialog. |
• |
To add an operation, click Add Operation and select one or more operations from the Authorizations: Operations dialog. |
• |
To add an application group, click Add Application Groupn and select an application group from the Authorizations: Application Groups dialog. |
• |
To add a user or group, click Add User or Group, which will display the Select one or more Directory Objects dialog. Use the Browse page or Search page to locate and select the user and/or group accounts to add. |
6 |
Click OK to save your new role definition and close the Authorizations: Role dialog. |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center