I am having issues with permissions on my virtual machines (VMs) and the operations that can be performed through the Management Console. How do I fix this issue and what is the best practice to setup permissions?
The User Management feature in the Acronis Cloud Security product is designed to set permissions on the VMs and the operations that can be performed from the Management Console. These permissions are unrelated to a user's permissions that are set in the Windows or Active Directory (AD).
User management is found in the following drop down menu, Settings ->Users Management:
All users are managed in the Select User dialog box:
1. To add a user, click Add, and then enter the user parameters in the following dialog box:
2. Select the User Type:
Custom user: this option lets you create custom users independently from AD and is used only within Acronis Cloud Security to identify permissions. If you’re working in a mixed environment, please select this option. You can set any user name and password for this user type.
Windows user: this option applies to a single domain environment only and available only for Global Group membership. This user should already exist in AD.
3. Select Tenant: The list content depends on how many tenants have been previously created. Global Group represents global user group membership and it’s always present in the list.
4. Enter the username in the Name field:
For Custom user type, you can enter any name of your choice (for example Admin). This naming convention will not interfere with any of the Windows (and/or AD) user names even in the event that they are similar.
For Windows user type, enter the domain user name registered in the Active Directory. You can enter the user name in DOMAIN\User format or just the name without specifying the domain (the proper domain will be added automatically).
5. Set the password for the Custom user type in the Password field.
6. Click OK to complete the operation. The newly added user will display in the Select User dialog box.
7. To remove the user, select the user in the Select User dialog box, and then click Remove. If the permissions have already been set for the user, please remove them first as described in the next section here, and then proceed.
Configuring User Permissions
1. To configure user permissions, select the Settings -> Permissions Management item (or right click the tenant and use the Edit users and permissions context menu to set the permissions). The Permissions Management dialog box will appear:
2. Click Add to assign a new role for the user. The User Permissions dialog box will open:
3. Click the Select button to select the user and click OK to add a new role :
Security Administrator: This role grants full permissions on the Hyper-V environment for the user, who will act as either a global administrator or a tenant administrator, depending on which group the user is assigned to.
Auditor: This role grants the user the ability to view either the whole Hyper-V environment or a tenant environment depending on which user group the user is assigned to. In this role, the user can review virtual firewall and IDS logs but cannot apply any changes.
4. Click Apply in the Permissions Management dialog box to complete the configuration of User Permissions:
5. To edit the user, select the user in the Permissions Management dialog box, then click the Edit button and repeat the actions described above.
6. To remove the user, select the user in the Permissions Management dialog box, then click the Remove button. This step must be done prior to removing the user in the User Management dialog box.