Skip to main content
Code42 Support

Manage user roles

Available in:

StandardPremiumEnterprise
Small Business
Applies to:

Overview

This article describes how to view, add, and customize user roles and how to remove or assign user roles to specific accounts.

Your Code42 environment has a pre-existing set of user roles or privileges that can be applied to user accounts. These built-in user roles generally provide administrators with the fine-grained set of permissions and roles needed for most use cases. In addition, you can create your own custom roles for more flexible management of user permissions within your Code42 environment.

Considerations

Administrative privilege requirements

  • By default, users with the SYSADMIN or Server Administrator roles have the ability to add, delete, or edit roles.
  • By default, a SYSADMIN can add the admin permission to a role, or edit and delete roles that have the admin permission.
  • You must have your own authority server to create and modify custom roles. If your Code42 environment is entirely within the Code42 cloud, you can only view roles and assign them to your users.

Custom roles and permission dependencies

Due to the dependency between permissions, your custom role may not perform as expected. If possible, use an existing role as a template, and carefully add or remove permissions from this duplicated role. Test all custom roles thoroughly before assigning them to users.

For more information on our recommended best practices, refer to Best Practices For Custom Roles & Permissions.

If you require assistance with the creation of custom roles, please contact our sales team. Assistance with custom roles is beyond the scope of regular support.

Steps

View existing roles

Follow these steps to view which permissions make up each role.

  1. Sign into the Code42 administration console as a SYSADMIN user.
  2. Navigate to Settings > Security > Roles.
  3. Under the Roles list, select a role.

The permissions granted by the selected role are displayed in the right pane under Permissions.

View Roles

Add role

To create a new or custom role, use the following steps.

  1. From Settings > Security > Roles, click Add located in the lower left-hand corner of the screen.
    The Edit Roles and Permissions pane is displayed.
  2. Name the new role.
  3. Select the permissions to assign to the new role.
  4. Click Save.

Add new role

The new role is now listed within the Roles pane.

Duplicate existing role

To use an existing role as a template for a new role, use the following steps.

  1. Select the existing role to act as the template.
  2. Click the Duplicate this role icon to create a new role in the Roles pane.

Duplicate role

  1. Edit the copied role to fine-tune permissions.

Edit role

To modify or make changes to an existing role, use the following steps.

  1. Select the role you would like to make changes to.
  2. Click the Edit this role icon to display the Edit Roles and Permissions pane.

Edit role

  1. Update the role's name.
  2. Select or de-select permissions to add or remove from the role.
  3. Click Save.

Note: Only user-created roles can be edited or modified. System default roles cannot be changed.

Remove role

To remove or delete an existing role, use the following steps.

  1. Select the role you would like to remove.
  2. Click the Remove this role icon.

Remove role

  1. Confirm the deletion of the selected role.

Note: Only user-created roles can be removed or deleted. System default roles cannot be removed.

Assign role to specific user

To assign a role to a specific user, follow the below steps.

  1. Navigate to the User Details view.
  2. From the Action Menu, select Edit.
  3. Select the Roles tab.
  4. From the Available Roles list, select the role you'd like assigned to the user.
  5. Click the right facing arrow to add the selected role.
  6. Select Update User to save your changes.

Add role to user

Advanced role assignment with LDAP integration

Your Code42 environment's LDAP integration can be configured to assign user roles based on specific LDAP attributes. You must have at least one LDAP server created and fully configured before you can assign roles via LDAP Attribute Mapping.

  1. Go to Settings > Security > LDAP and select an LDAP server.
  2. At the Role name script field, enter Javascript code. The Javascript output determines which role name is assigned to which users.
  3. Verify the Role name script code outputs the correct values for your Code42 environment using the LDAP search results in the right column.
  4. Click Save to apply the changes.

LDAP role name script

For assistance creating a role name script, please contact Sales.