This article describes how to view, add, and customize user roles and how to remove or assign user roles to specific accounts.
Your Code42 environment has a pre-existing set of user roles or privileges that can be applied to user accounts. These built-in user roles generally provide administrators with the fine-grained set of permissions and roles needed for most use cases. In addition, you can create your own custom roles for more flexible management of user permissions within your Code42 environment.
Administrative privilege requirements
- By default, users with the SYSADMIN or Server Administrator roles have the ability to add, delete, or edit roles.
- By default, a SYSADMIN can add the admin permission to a role, or edit and delete roles that have the admin permission.
- You must have your own authority server to create and modify custom roles.
Custom roles and permission dependencies
Due to the dependency between permissions, your custom role may not perform as expected. If possible, use an existing role as a template, and carefully add or remove permissions from this duplicated role. Test all custom roles thoroughly before assigning them to users.
For more information on our recommended best practices, refer to Best practices for custom roles and permissions.
If you require assistance with the creation of custom roles, please contact our sales team. Assistance with custom roles is beyond the scope of regular support.
View existing roles
Follow these steps to view which permissions make up each role.
- Sign into the Code42 administration console as a SYSADMIN user.
- Navigate to Settings > Security > Roles.
- Under the Roles list, select a role.
The permissions granted by the selected role are displayed in the right pane under Permissions.
To create a new or custom role, use the following steps.
- From Settings > Security > Roles, click Add located in the lower left-hand corner of the screen.
The Edit Roles and Permissions pane is displayed.
- Name the new role.
- Select the permissions to assign to the new role.
- Click Save.
The new role is now listed within the Roles pane.
Duplicate existing role
To use an existing role as a template for a new role, use the following steps.
- Select the existing role to act as the template.
- Click the Duplicate this role icon to create a new role in the Roles pane.
- Edit the copied role to fine-tune permissions.
To modify or make changes to an existing role, use the following steps.
- Select the role you would like to make changes to.
- Click the Edit this role icon to display the Edit Roles and Permissions pane.
- Update the role's name.
- Select or de-select permissions to add or remove from the role.
- Click Save.
Note: Only user-created roles can be edited or modified. System default roles cannot be changed.
To remove or delete an existing role, use the following steps.
- Select the role you would like to remove.
- Click the Remove this role icon.
- Confirm the deletion of the selected role.
Note: Only user-created roles can be removed or deleted. System default roles cannot be removed.
Assign role to specific user
To assign a role to a specific user, follow the below steps.
- Navigate to the User Details view.
- From the Action Menu, select Edit.
- Select the Roles tab.
- From the Available Roles list, select the role you'd like assigned to the user.
- Click the right facing arrow to add the selected role.
- Select Update User to save your changes.
Advanced role assignment with LDAP integration
Your Code42 environment's LDAP integration can be configured to assign user roles based on specific LDAP attributes. You must have at least one LDAP server created and fully configured before you can assign roles via LDAP Attribute Mapping.
- Go to Settings > Security > LDAP and select an LDAP server.
- Verify the Role name script code outputs the correct values for your Code42 environment using the LDAP search results in the right column.
- Click Save to apply the changes.
For assistance creating a role name script, please contact Sales.