Skip to main content

Who is this article for?

Code42 for EnterpriseSee product plans and features
CrashPlan for Small Business 

CrashPlan for Small Business, no.

Code42 for Enterprise, yes.

Link: Product plans and features.

This article applies to Cloud.

Other available versions:

Versions 6 and 7Link: What version am I on?

Code42 Support

Roles reference

Overview

Your Code42 environment has a pre-existing set of user roles that can be applied to user accounts. These standard user roles provide administrators with the fine-grained set of permissions needed for most use cases. This article describes the available standard roles, as well as the permissions, limitations, and recommended use cases for each role.

 To assign roles to users, see Manage user roles.

View all roles

  1. Sign in to the administration console as a user with the Customer Cloud Admin role.
  2. Navigate to Administration > Users > Active
  3. Click a user row to open the user details page. 
  4. Select Edit from the action menu in the upper-right corner.
  5. Click the Roles tab. 
  6. Select a role from the Available Roles or Current Roles lists.
    The permissions granted by the selected role are displayed in the Role's Permissions table. 

View roles.

Standard roles

Admin Restore

  • Recommended use case
    • Assign in conjunction with a role that has access to the administration console and Code42 app. For example, PROe User and Desktop User.
  • Administrator functions
  • End user functions
    • None
  • Limitations 
    • No access to the administration console or Code42 app 
  • Scope of permissions
    • All organizations
  • Permissions
    • restore: Perform a full web restore for all devices user has authority to manage. 

Admin Restore Limited

  • Recommended use case
    • Assign in conjunction with a role that has access to the administration console and Code42 app. For example, PROe User and Desktop User.
  • Administrator functions
  • End user functions
    • None
  • Limitations 
    • Restore limit is configurable from organization settings (250 MB by default)
    • No access to the administration console or Code42 app
  • Scope of permissions
    • All organizations
  • Permissions
    • restore.limited: Perform a limited size web restore for all devices user has authority to manage. 

Cross Org Admin

  • Recommended use case
    • Administrators who manage users and devices in all organizations and who need to restore files for users
  • Administrator functions
    • Add/deactivate users, devices, and organizations.  
    • Update settings
    • View data in the Reporting web app 
    • Perform push and web restores for other users 
    • Read and write to plans within all organizations
  • End user functions
    • Perform personal backups from the Code42 app and administration console
  • Limitations 
    • Limited access to the administration console command line interface (CLI)
    • Cannot access system logs
  • Scope of permissions
    • All organizations
  • Permissions
    • account.update: For internal use only.
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • crossorg-computer: Access, alter, or remove any computer information across the customer's organization.
    • crossorg-org.create: Create new parent organizations across the customer's organization.
    • crossorg-org.delete: Delete any org across the customer's organization.
    • crossorg-org.read: View organization information across the customer's organization.
    • crossorg-org.update_deactivate: Update organization information and deactivate organizations across the customer's organization.
    • crossorg-plan: Create, read, update and delete plans across the customer's organization.
    • crossorg-user: Access, alter, or remove any user information across the customer's organization.
    • fileforensics.settings_write: View and edit file forensics related settings.
    • pushrestore: Perform a push restore from and to any device the user has authority to manage.
    • restore: Perform a full web restore for all devices user has authority to manage.
    • search.configure: Configure search related settings.
    • securitytools.settings_write: Edit settings for Code42 Security Tools.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources.
    • system.command_restricted: View the CLI and run any command for which the user has permission.

Cross Org Admin - No Restore

  • Recommended use case
    • Administrators who manage users and devices in all organizations but should not restore files for users
  • Administrator functions
    • Add/deactivate users, devices, and organizations 
    • View data in the Reporting web app 
    • Read and write to plans within all organizations
  • End user functions
    • Perform personal backups from the Code42 app and administration console
  • Limitations 
    • Cannot perform push or web restores
    • Limited access to the administration console command line interface (CLI)
    • Cannot access system logs
  • Scope of permissions
    • All organizations
  • Permissions
    • account.update: For internal use only.
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • crossorg-computer: Access, alter, or remove any computer information across the customer's organization.
    • crossorg-org.create: Create new parent organizations across the customer's organization.
    • crossorg-org.delete: Delete any org across the customer's organization.
    • crossorg-org.read: View organization information across the customer's organization.
    • crossorg-org.update_deactivate: Update organization information and deactivate organizations across the customer's organization.
    • crossorg-plan: Create, read, update and delete plans across the customer's organization.
    • crossorg-user: Access, alter, or remove any user information across the customer's organization.
    • fileforensics.settings_write: View and edit file forensics related settings.
    • pushrestore: Perform a push restore from and to any device the user has authority to manage.
    • search.configure: Configure search related settings.
    • securitytools.settings_write: Edit settings for Code42 Security Tools.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources.
    • system.command_restricted: View the CLI and run any command for which the user has permission.

Cross Org Help Desk

  • Recommended use case
    • Help desk staff who assist others in all organizations, but not change any settings
  • Administrator functions
    • View (read-only) users and devices 
    • Restore files to the source user's devices using the administration console
    • Use the Reporting web app to view data
  • End user functions
    • Perform personal backups from the Code42 app and administration console
  • Limitations 
    • Cannot change settings
    • Cannot add/deactivate users, devices, or organizations
  • Scope of permissions
    • All organizations
  • Permissions
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • crossorg-computer.read: View computer information across the customer's organization.
    • crossorg-org.read: View organization information across the customer's organization.
    • crossorg-plan.read: Read information about plans across the customer's organization.
    • crossorg-user.read: View user information across the customer's organization.
    • pushrestore.limited: Perform a push restore only to the source user's devices. There is no size limit.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources.

Cross Org Help Desk - No Restore

  • Recommended use case
    • Help desk staff who assist others in all organizations, but who do not change any settings or restore files
  • Administrator functions
  • End user functions
    • Perform personal backups from the Code42 app and administration console
  • Limitations 
    • Cannot perform push or web restores
    • Cannot change settings
    • Cannot add/deactivate users, devices, or organizations
  • Scope of permissions
    • All organizations
  • Permissions
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • crossorg-computer.read: View computer information across the customer's organization.
    • crossorg-org.read: View organization information across the customer's organization.
    • crossorg-plan.read: Read information about plans across the customer's organization.
    • crossorg-user.read: View user information across the customer's organization.

Cross Org Legal Admin

  • Recommended use case
    • Legal personnel who  place custodians on legal hold and administer legal holds for the entire Code42 environment, and who need to restore files for users 
  • Administrator functions
  • End user functions
    • Perform personal backups from the Code42 app
  • Limitations 
    • No "root" level access
    • Cannot change settings
    • Cannot add or deactivate users, devices, or organizations.
  • Scope of permissions
    • All organizations
  • Permissions
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • crossorg-computer.read: View computer information across the customer's organization.
    • crossorg-org.read: View organization information across the customer's organization.
    • crossorg-plan: Create, read, update and delete plans across the customer's organization.
    • crossorg-user.read: View user information across the customer's organization.
    • legalhold: Perform any operation regarding any Legal Hold
    • pushrestore: Perform a push restore from and to any device the user has authority to manage.
    • restore: Perform a full web restore for all devices user has authority to manage.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources.

Cross Org Manager

  • Recommended use case
    • Executive users who need statistics, but not technical details, about all organizations 
  • Administrator functions
    • View (read-only) users and devices 
    • Restore files to the source user's devices using the administration console
    • View data in the Reporting web app 
  • End user functions
    • Perform personal backups from the Code42 app and administration console
  • Limitations 
    • Cannot change settings
    • Cannot add/deactivate users, devices, or organizations
  • Scope of permissions
    • All organizations
  • Permissions
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • crossorg-computer.read: View computer information across the customer's organization.
    • crossorg-org.read: View organization information across the customer's organization.
    • crossorg-plan.read: Read information about plans across the customer's organization.
    • crossorg-user.read: View user information across the customer's organization.
    • pushrestore.personal: Perform a personal push restore.
    • restore.limited: Perform a limited size web restore for all devices user has authority to manage.
    • restore.personal: Perform a personal web restore.
    • select.personal: Remotely browse file and directory names for personal devices. Used for remotely selecting push-restore destination and backup sources.

Cross Org Security Viewer

  • Recommended use case
  • Administrator functions
  • End user functions
    • None
    Limitations 
    • Cannot change settings in organizations
    • Cannot add/deactivate users, devices, or organizations
  • Scope of permissions
    • All organizations
  • Permissions
    • console.login: Log in to the Code42 administration console.
    • cpp.login: Log in to the administration console.
    • cpw.login: For internal use only.
    • crossorg-computer.read: View computer information across the customer's organization.
    • crossorg-org.read: View organization information across the customer's organization.
    • crossorg-plan.read: Read information about plans across the customer's organization.
    • crossorg-user.read: View user information across the customer's organization.
    • securitytools.data_read: View data collected by Code42 Security Tools.

Cross Org User Modify

  • Recommended use case
    • Help desk staff who manage users, but not devices or organization settings. Assign in conjunction with a role that has access to the administration console (such as Cross Org Help Desk.)
  • Administrator functions
    • View users
    • Update user information
  • End user functions
    • None
  • Limitations 
    • Cannot add or deactivate users 
    • Cannot update organization settings
  • Scope of permissions
    • All organizations
  • Permissions
    • crossorg-user.read: View user information across the customer's organization. 
    • crossorg-user.update: Update user information across the customer's organization.

Customer Cloud Admin

  • Recommended use case
    • Administrators who need administrative privileges for the Code42 environment
  • Administrator functions
    • Add/deactivate users, devices, and organizations 
    • Update settings for users, devices, and organizations
    • View data in the Reporting web app  for the user's Code42 environment
    • View the Subscriptions screen for the user's organization or organizations.  
    • Read and write to plans within the user's Code42 environment
  • End user functions
    • Perform personal backups from the Code42 app and administration console
    Limitations 
    • Limited access to the administration console command line interface (CLI)
    • Cannot access system logs
  • Scope of permissions
    • All organizations
  • Permissions
    • accesslock: Perform all accessLock related functions.
    • account.update: For internal use only.
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • crossorg-computer: Access, alter, or remove any computer information across the customer's organization.
    • crossorg-org.create: Create new parent organizations across the customer's organization.
    • crossorg-org.delete: Delete any org across the customer's organization.
    • crossorg-org.read: View organization information across the customer's organization.
    • crossorg-org.update_deactivate: Update organization information and deactivate organizations across the customer's organization.
    • crossorg-org.update_restricted: Update restricted organization information across the customer's organization.
    • crossorg-plan: Create, read, update and delete plans across the customer's organization.
    • crossorg-user: Access, alter, or remove any user information across the customer's organization.
    • customer_admin: Configure settings for your entire environment, such as subscription information and single sign-on (SSO).
    • email.update: Change customer-specific email settings and content.
    • fileforensics.settings_write: View and edit file forensics related settings.
    • legalhold: Perform any operation regarding any Legal Hold
    • pushrestore: Perform a push restore from and to any device the user has authority to manage.
    • restore: Perform a full web restore for all devices user has authority to manage.
    • search.configure: Configure search related settings.
    • securitytools.data_read: View data collected by Code42 Security Tools.
    • securitytools.settings_write: Edit settings for Code42 Security Tools.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources.
    • system.command_restricted: View the CLI and run any command for which the user has permission.
    • twofactorauth.configure: View and edit two-factor auth settings for local users.

Desktop User

  • Recommended use case
    • End users in your organization
  • Administrator functions
    • N/A
  • End user functions
    • Perform personal backups from the Code42 app and administration console
    • Perform web restores
    Limitations 
    • Cannot interact with other users' data or change settings in your Code42 environment
  • Scope of permissions
    • Assigned user
  • Permissions
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cps.login: Log in to the client desktop.
    • plan.create: Create plans within a user's organization hierarchy.
    • restore.personal: Perform a personal web restore.
    • select.personal: Remotely browse file and directory names for personal devices. Used for remotely selecting push-restore destination and backup sources.

Desktop User - No Web Restore

  • Recommended use case
    • End users in your organization who do not need to perform web restores
  • Administrator functions
    • N/A 
  • End user functions
    • Perform personal backups from the Code42 app and administration console
    Limitations 
    • Cannot interact with other users' data or change settings
    • Cannot perform web restores
  • Scope of permissions
    • Assigned user
  • Permissions
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cps.login: Log in to the client desktop.
    • select.personal: Remotely browse file and directory names for personal devices. Used for remotely selecting push-restore destination and backup sources.

Multi-Factor Auth Admin

  • Recommended use case
    • Administrators who manage user authentication within a specific organization.
  • Administrator functions
  • End user functions
    • N/A
  • Limitations 
    • Does not directly grant access to view or manage users and organizations.
  • Scope of permissions
    • The user's organization and its child organizations
  • Permissions
    • twofactorauth.configure: View and edit two-factor auth settings for local users. 

Org Admin

  • Recommended use case
    • Administrators who only manage users and devices within a specific organization
  • Administrator functions
    • Add/deactivate users, devices, and organizations
    • Update settings for users, devices, and organizations 
    • View data in the  Reporting web app
    • Perform web restores  
    • Read and write to plans
  • End user functions
    • Perform personal backups from the Code42 app and administration console
    Limitations 
    • Limited access to the administration console command line interface (CLI)
    • Cannot access system logs
  • Scope of permissions
    • The user's organization and its child organizations
  • Permissions
    • account.update: For internal use only.
    • computer: Access, alter, or remove any computer information.
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • fileforensics.settings_write: View and edit file forensics related settings.
    • org.create: Create child organizations within user's organization.
    • org.delete: Delete information within user's organization.
    • org.read: View org information within user's organization.
    • org.update_deactivate: Update information within a user's organization and deactivate organizations.
    • plan: Create, read, update and delete plans within a user's organization hierarchy.
    • pushrestore: Perform a push restore from and to any device the user has authority to manage.
    • restore: Perform a full web restore for all devices user has authority to manage.
    • search.configure: Configure search related settings.
    • securitytools.settings_write: Edit settings for Code42 Security Tools.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources.
    • system.command_restricted: View the CLI and run any command for which the user has permission.
    • user: Access, alter or remove any user information.

Org Admin - No Web Restore

  • Recommended use case
    • Administrators who only manage users and devices within a specific organization and who should not perform web restores
  • Administrator functions
    • Add/deactivate users, computers, and organizations 
    • Update settings for users, devices, and organizations
    • View data in the Reporting web app  
    • Read and write to plans
  • End user functions
    • Perform personal backups from the Code42 app and administration console
    Limitations 
    • The user's organization and its child organizations
  • Scope of permissions
    • Cannot add/deactivate users or computers outside their organization
    • Limited access to the administration console command line interface (CLI)
    • Cannot access system logs
    • Cannot perform web restores
  • Permissions
    • account.update: For internal use only.
    • computer: Access, alter, or remove any computer information.
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • fileforensics.settings_write: View and edit file forensics related settings.
    • org.create: Create child organizations within user's organization.
    • org.delete: Delete information within user's organization.
    • org.read: View org information within user's organization.
    • org.update_deactivate: Update information within a user's organization and deactivate organizations.
    • plan: Create, read, update and delete plans within a user's organization hierarchy.
    • pushrestore: Perform a push restore from and to any device the user has authority to manage.
    • search.configure: Configure search related settings.
    • securitytools.settings_write: Edit settings for Code42 Security Tools.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources.
    • system.command_restricted: View the CLI and run any command for which the user has permission.
    • user: Access, alter or remove any user information.

Org Help Desk

  • Recommended use case
    • Help desk staff who assist others within their organization, but not change any settings
  • Administrator functions
    • View (read-only) users and devices 
    • Restore files to the source user's devices using the administration console
    • View data in the Reporting web app 
  • End user functions
    • Perform personal backups from the Code42 app and administration console
    Limitations 
    • Cannot change settings
    • Cannot add/deactivate users, devices, or organizations
  • Scope of permissions
    • The user's organization and its child organizations
  • Permissions
    • computer.read: View computer information.
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • org.read: View org information within user's organization.
    • plan.read: Read information about plans within a user's organization hierarchy.
    • pushrestore.limited: Perform a push restore only to the source user's devices. There is no size limit.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources.
    • user.read: View user information.

Org Help Desk - No Restore

  • Recommended use case
    • Help desk staff who assist others within their organization, but who do not change any settings or restore files.
  • Administrator functions End user functions
    • Perform personal backups from the Code42 app and administration console
    Limitations 
    • Cannot perform push or web restores
    • Cannot change settings
    • Cannot add/deactivate users, devices, or organizations 
  • Scope of permissions
    • The user's organization and its child organizations
  • Permissions
    • computer.read: View computer information.
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • org.read: View org information within user's organization.
    • plan.read: read information about plans within a user's organization hierarchy.
    • user.read: View user information.

Org Legal Admin

  • Recommended use case
    • Legal personnel who need to place custodians on legal hold and administer legal holds for the entire Code42 environment, but who only need to restore files from users within their organization. 
  • Administrator functions
  • End user functions
    • Perform personal backups from the Code42 app
    Limitations 
    • No "root" level access
    • Cannot change settings
    • Cannot add/deactivate users, devices, or organizations
  • Scope of permissions
    • The user's organization and its child organizations
  • Permissions
    • computer.read: View computer information.
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • legalhold: Perform any operation regarding any Legal Hold
    • org.read: View org information within user's organization.
    • plan: Create, read, update and delete plans within a user's organization hierarchy.
    • pushrestore: Perform a push restore from and to any device the user has authority to manage.
    • restore: Perform a full web restore for all devices user has authority to manage.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources.
    • user.read: View user information.

Org Manager

  • Recommended use case
    • Executive users who need statistics, but not technical details, about their organization (not the entire Code42 environment)
  • Administrator functions
    • View (read-only) users and devices 
    • Restore files to the source user's devices using the administration console
    • View data in the Reporting web app 
  • End user functions
    • Perform personal backups from the Code42 app and administration console
    Limitations 
    • Cannot change settings
    • Cannot add/deactivate users, devices, or organizations
  • Scope of permissions
    • The user's organization and its child organizations
  • Permissions
    • computer.read: View computer information.
    • console.login: Log in to the Code42 administration console.
    • cpd.login: Log in to the Code42 app.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.
    • cps.login: Log in to the client desktop.
    • cpw.login: For internal use only.
    • org.readView org information within user's organization.
    • plan.read: Read information about plans within a user's organization hierarchy.
    • pushrestore.personal: Perform a personal push restore.
    • restore.limited: Perform a limited size web restore for all devices user has authority to manage.
    • restore.personal: Perform a personal web restore.
    • select.personal: Remotely browse file and directory names for personal devices. Used for remotely selecting push-restore destination and backup sources.
    • user.read: View user information.

Org Security Viewer

  • Recommended use case
    • Information security personnel who need to retrieve information from devices that use endpoint monitoring.
  • Administrator functions
  • End user functions
    • None
    Limitations 
    • Cannot change settings in the organization
  • Scope of permissions
    • The user's organization and its child organizations
  • Permissions
    • computer.read: View computer information.
    • console.login: Log in to the Code42 administration console.
    • cpp.login: Log in to the administration console.
    • cpw.login: For internal use only.
    • org.read: View org information within user's organization.
    • plan.read: Read information about plans within a user's organization hierarchy.
    • securitytools.data_read: View data collected by Code42 Security Tools.
    • user.read: View user information.

PROe User

  • Recommended use case
    • End users in your organization
  • Administrator functions
    • Sign in to the administration console
  • End user functions
    • None
    Limitations 
    • Cannot access other information or functions of Code42 for Enterprise
  • Scope of permissions
    • Assigned user
  • Permissions
    • console.login: Log in to the Code42 administration console.
    • cpd.restore: Restore from the Code42 app.
    • cpp.login: Log in to the administration console.

PRO-Online Admin - No Web Restore

For CrashPlan for Small Business only. Do not use.

Push Restore

  • Recommended use case
    • Help desk staff who assist others with restoring data. Assign in conjunction with a role that has access to the administration console.
  • Administrator functions
    • Restore files from the administration console
    • View files within backup archives
  • End user functions
    • None
    Limitations 
    • Cannot add/deactivate users, organizations, or devices
  • Scope of permissions
    • All organizations
  • Permissions
    • pushrestore: Perform a push restore from and to any device the user has authority to manage.
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources. 

Remote File Selection

  • Recommended use case
    • Help desk staff who monitor backups. Assign in conjunction with a role that has access to the administration console.
  • Administrator functions
    • View files within backup archives
  • End user functions
    • None
    Limitations 
    • Cannot add/deactivate users, organizations, or devices
  • Scope of permissions
    • All organizations
  • Permissions
    • select: Remotely browse file and directory names for all devices user has authority to manage. Used for remotely selecting push-restore destination and backup sources. 

Security Center User

  • Recommended use case
    • Information security personnel who review information about devices that use endpoint monitoring.
  • Administrator functions End user functions
    • None
    Limitations 
    • Does not directly grant access to view or manage other users. Use this role in addition to an administrative role such as Org Admin.
  • Scope of permissions
    • The user's organization and its child organizations
  • Permissions
    • fileforensics.settings_write: View and edit file forensics related settings.
    • securitytools.data_read: View data collected by Code42 Security Tools.
    • securitytools.settings_write: edit settings for Code42 Security Tools.

User Modify

  • Recommended use case
    • Help desk staff who manage users, but not devices or organization settings. Assign in conjunction with a role that has access to the administration console (such as Org Help Desk).
  • Administrator functions
    • View users
    • Update user information
  • End user functions
    • None
  • Limitations Scope of permissions
    • Cannot add or deactivate users 
    • Cannot update organization settings
    • The user's organization and its child organizations
  • Permissions
    • user.read: View user information.
    • user.update: Update user information.
  • Was this article helpful?