• Become a portal pro
• Download
• Print
• My Downloads ()

• Support
• Technical Documentation
• On Demand Global Settings Current
• On Demand Global Settings Current - User Guide

On Demand Global Settings Current - User Guide

Table of Contents  

Working with On Demand Overview of On Demand

Organizations Azure Active Directory tenants

Signing up for On Demand

Organizations and regions Signing up to On Demand

Signing in to On Demand with Multi-factor Authentication Signing in to On Demand with your existing Quest account Signing up for a new Quest account and signing in to On Demand On Demand subscriptions

Managing organizations and regions

Geographic regions Multiple organizations Displaying the current organization ID Creating a new organization Switching organizations Renaming organizations Displaying the organization ID

Adding users to an organization

Users and roles Default roles

Default role permissions

Adding a user and assigning a role Access Control: Roles

Viewing role permissions Creating a custom role Editing a custom role Adding a user to a role Deleting a custom role

Access Control: Users

Adding a user to your organization and assigning a role Editing user roles Removing a user from the organization

Inviting new users

Creating a Quest account and joining an existing On Demand organization Joining an existing On Demand organization Joining an existing On Demand organization with an Azure AD account

Managing your Azure tenants and on-premises domains

Tenants overview Adding tenants Managing admin consent permissions

About admin consent status Granting and regranting admin consent About revoking admin consent

Removing a tenant Managing your on-premises domains Adding an on-premises agent

Installing the agent using the command shell

Configuring an agent Automatic updates for on-premises agents Removing an agent Adding an Active Directory domain Removing a domain

On Demand Home page

Masthead

Masthead drop-down menu Information window On Demand Status page

Side navigation panel Dashboard

Tenant filter Tenant summary Needs your attention! Module tiles

Configuring settings

Access Control Subscriptions

Subscription details Managing subscriptions

Sharing a subscription Stop using a shared subscription Changing Owner When Moving from Trial to Paid Subscription

Subscription expiry

Stage 1: Your subscription expires in X days Stage 2: Subscription expired. Access denied. Stage 3: Subscription expired. Service disabled. Stage 4: Subscription expired. Data deleted.

Activity trail Notifications

Configuring notification recipients

Documentation roadmap

Global settings

Release Notes

More resources

Technical Support

Current operational status Contact support Module product support pages Information and discussion: Quest community forums

• Viewing Topics 21 - 24 of 90
•  Previous
• Next 

×

Users and roles

When you add a user to an organization, you also assign one or more roles. The role assignment determines what permission level a user has and what tasks the user can perform. Assigning roles and setting user permissions is referred to as access control.

On Demand is configured with a number of default roles. The default role permission settings cannot be changed, but you can create custom roles with specific permission settings to align with your company policies. You can assign multiple roles to each user to combine permission sets.

 

NOTE: Every user must be assigned to at least one role. You cannot remove all roles from a user.

Default roles and their permission settings are described in the following sections.

Access Control provides two options: Roles and Users

•	For information about configuring roles, see Access Control: Roles

•	For information about managing users, see Access Control: Users

Default roles

On Demand is configured with default roles that cannot be edited or deleted. You can duplicate default roles to create custom roles. The default roles are listed.

On Demand administrator

On Demand administrators have full access to global settings and all modules. The user who signed up for On Demand and created the organization is automatically assigned the On Demand Administrator role.

Module administrator

Module administrators only have access to the specific module where they have been added as an administrator. Module administrators do not have access to global settings or tenants.

Default role permissions

To view the current list of permissions available for each default role, select Settings, expand Access Control, and select Roles. Click any row the list of default roles to expand the table and view the individual role permissions.

For Migration, you can select nested permissions.

 

Role	Permissions
On Demand Administrator On Demand Organization (also has all module permissions)	• Can add and remove tenants • Can configure agents • Can create, delete, and assign access control roles • Can export data Specific services can be selected for this permission • Can read access control roles • Can read Activity Trail Specific services can be selected for this permission. • Can rename the organization
Audit Administrator	• Can manage Azure AD tenant configuration for Audit • Can manage Change Auditor installation configuration • Can manage organization private alerts and private alert plans • Can manage private alerts and private alert plans • Can manage private searches • Can manage shared alerts and shared alert plans • Can manage shared searches • Can run private searches • Can run quick search searches • Can run search visualization • Can run shared searches • Can view dashboard • Can view event details • Can view event retention settings • Can view shared searches
Group Management Administrator	• Can approve, reject, or cancel a request • Can configure and manage group management
Governance	• Can manage Governance
License Management Administrator	• Can manage licenses • Can read licenses
Migration Administrator	• Can configure and run migrations
Recovery Administrator	• Can download hybrid credentials • Can manage backup settings • Can manage events • Can manage project settings • Can read backup history • Can read differences • Can read events • Can read restore attributes • Can read task history • Can read UI collections • Can read UI projects • Can read unpacked objects • Can restore from differences • Can restore from objects • Can run backup manually • Can run difference report • Can unpack backups

Adding a user and assigning a role

The flow chart that follows shows the process for adding users and assigning a role. The first step is to view the default role permissions settings. If required, you can create custom roles with specific permission settings to align with your company policies.

Once you have added a user, you must invite the user to sign in to the organization.

 

	Viewing role permissions
	Creating a custom role
	Adding a user to your organization and assigning a role
	Inviting new users

•  Previous
• Viewing Topics 21 - 24 of 90
• Next 

Search this document Search all documents

×

 Welcome to Quest Support

You can find online support help for Quest *product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center