User Roles
Creating a role on the appliance lets you use an Active Directory server to remotely control authentication and access permissions on the LogLogic appliance.
The appliance role corresponds to a group on the Active Directory server.
After an appliance is created, it uses the role's corresponding AD groups for login authentication, permission settings, and access to specific log sources just as if the user was configured directly on the appliance. Users can be configured with multiple roles.
When defining a role on the appliance, you map it directly to an existing Active Directory group. If you want to create an appliance role for which an AD group does not exist, you must first create the group on the AD server.
The LogLogic appliance permission settings you assign to that role are automatically applied to all users in that AD group who log in to the appliance. You assign users to roles by including the users in the corresponding AD groups on the AD server.
The Directory Roles tab lists all the Active Directory roles defined for use on the appliance. You can access the Directory Roles tab from .
Directory Roles is available in the GUI only if an Active Directory remote authentication server is enabled in the tab. If you create roles then disable the AD server in the GUI, the roles are retained for whenever the AD server is re-enabled.
- To add a new role to the appliance, click Add New. The General tab appears.
- To modify an existing role on the appliance, click the role’s Role Name.
- To remove a role from the appliance, check the role’s check box and then click Remove.
If you configure Active Directory use on a Management Station, the managed appliances also display the Directory Roles tab.