• Become a portal pro
• Download
• Print
• My Downloads ()

• Support
• Technical Documentation
• On Demand Global Settings Current
• On Demand Global Settings Current - User Guide

On Demand Global Settings Current - User Guide

Table of Contents  

Working with On Demand Overview of On Demand

Organizations Microsoft Entra tenants

Signing up for On Demand

Organizations and regions Signing in to On Demand

On Demand subscriptions

Managing organizations and regions

Geographic regions Multiple organizations Creating a new organization Displaying the organization ID and deployment region Switching organizations Editing organization settings

Restricting access to organizations Renaming organizations

Deleting organizations On Demand endpoint requirements

Adding users to an organization

Users and roles

Default roles and permissions

Adding a user and assigning a role Access Control: Roles

Viewing role permissions Creating a custom role Editing a custom role Assigning a role to a user Deleting a custom role

Access Control: Users

Adding a user to your organization and assigning a role Editing user roles Removing a user from the organization

Inviting users to join an On Demand organization

Managing your Microsoft Entra tenants and on-premises domains

Tenants overview Adding tenants

GCC and GCC High tenants Prerequisites for adding tenants

Displaying a tenant name change

Managing admin consent permissions

About admin consent status Granting and regranting admin consent About the Status and Actions column About the Microsoft Authentication Library (MSAL) Prerequisite for Self Service License Reporting access About revoking admin consent

Removing a tenant Managing your on-premises domains On-premises agent prerequisites On-premises agent supported operating systems On-premises agent system configuration requirements On-premises agent endpoint requirements Adding an on-premises agent

Installing the agent using the command shell

Configuring an agent Editing an agent configuration Automatic updates for on-premises agents Removing an agent Adding an Active Directory domain

Editing a domain configuration

Removing a domain

On Demand Home page

Masthead

Masthead drop-down menu Information window On Demand Status page

Side navigation panel Dashboard

Tenant filter Needs your attention! Module tiles

Configuring settings

Organization Access Control Subscriptions

Subscription details Managing subscriptions

Sharing a subscription Stop using a shared subscription Changing Owner When Moving from Trial to Paid Subscription

Subscription expiry

Stage 1: Your subscription expires in X days Stage 2: Subscription expired. Access denied. Stage 3: Subscription expired. Service disabled. Stage 4: Subscription expired. Data deleted.

Activity trail Notifications

Documentation roadmap

Global settings

Release Notes

More resources

Technical Support

Current operational status Contact support Module product support pages Information and discussion: Quest community forums

• Viewing Topics 21 - 24 of 97

×

Users and roles

When you add a user to an organization, you also assign one or more roles. The role assignment determines what permission level a user has and what tasks the user can perform.

On Demand is configured with a number of default roles. The default role permission settings cannot be changed, but you can create custom roles with specific permission settings to align with your company policies. You can assign multiple roles to each user to combine permission sets.

 

NOTE: Every user must be assigned to at least one role. You cannot remove all roles from a user.

Access Control provides two options: Roles and Users

•	For information about configuring roles, see Access Control: Roles

•	For information about managing users, see Access Control: Users

Default roles and permissions

On Demand is configured with default roles that cannot be edited or deleted. You can, however, duplicate default roles to create custom roles.

For the complete list of module default roles and permissions, refer to your module-specific User Guide.

Default Roles

•	On Demand administrator

On Demand administrators have full access to global settings and all modules. The user who signed up for On Demand and created the organization is automatically assigned the On Demand Administrator role.

•	Module administrator

Module administrators only have access to the specific module where they have been added as an administrator. Module administrators do not have access to global settings or tenants.

On Demand Organization Role Permissions

Permission	Description
Can Add and Remove Tenants	Users with this permission can add new tenants or remove existing tenants from the organization.
Can Configure Agents	Users with this permission can add or modify the actions and domains of an agent in the organization.
Can Create and Delete, and Assign Access Control Roles	Users with the permission can create, assign user to, and delete access control roles for the organization.
Can Export Data	Users with this permission can export data from the selected services within the organization.
Can Read Access Control Roles	Users with this permission are able to view specific permissions within an access control role in the organization.
Can Read Activity Trail	Users with this permission can access the activity trail and view detailed information regarding user and system activity that has occurred within the organization associated to the selected services.
Can Manage the Organization	Users with this permissions can delete or edit the organization (modify name and authorized domains list).

To view the current list of permissions available for each default role:

1	Select Settings, expand Access Control, and select Roles.

2	Click a row in the list of default roles to expand the table to see the individual role permissions.

Adding a user and assigning a role

The flow chart that follows shows the process for adding users and assigning a role. The first step is to view the default role permissions settings. If required, you can create custom roles with specific permission settings to align with your company policies.

Once you have added a user, you must invite the user to sign in to the organization.

 

	Viewing role permissions
	Creating a custom role
	Adding a user to your organization and assigning a role
	Inviting users to join an On Demand organization

Access Control: Roles

Each access control role has a specific set of permissions that determines what tasks a user assigned to the role can perform. Your On Demand organization comes configured with a number of default roles. The default role permissions settings cannot be changed, but you can create custom roles with specific permission settings to align with your company policies.

 

NOTE: To manage access control roles, you must have the permission "Can create, delete, and assign access control roles".

Perform the following tasks from the Setting | Access Control | Roles page:

•	Viewing role permissions

•	Creating a custom role

•	Editing a custom role

•	Assigning a role to a user

•	Deleting a custom role

•  Previous
• Viewing Topics 21 - 24 of 97
• Next 

Search this document Search all documents

×

 Welcome to Quest Support

You can find online support help for Quest *product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center