Chapter 7: Using the SafeWord 2008 Management Console
Managing users
146
–
Security policy READ-ONLY/READ-WRITE
allows the local
administrator to read, or create and modify security policy elements (i.e.
ACLs, ACL entries, and roles). Local administrators can be given
complete control of the security policy within a subset of the your
deployment. For instance, if the user population is organized by physical
location, the local administrator for that location can be given the
authority to create or modify the location’s security policy.
–
View audit logs
allows the local administrator to view audit logs that
show a history of user authentication activity within SafeWord.
–
Select
Authenticator management
to allow the local administrator to
create, modify, and delete authenticator profiles, and import hardware
authenticators.
–
Edit local administrators
allows local administrators to create, delete, or
edit other local administrators. The local administrator can still view
other local administrators if not selected.This option is only available
when the local administrator has READ-WRITE privilege on user
records.
When you have made all your selections, click
OK
.
Note:
Local administrators can only use these privileges within their assigned
group hierarchy.
Defining system administrator privileges
A system administrator is the highest level of administrator, therefore having
complete access to all privileges within SafeWord.
14
Ensure that
System administrator
is selected under Administrative Level,
then click
OK
.
Figure 92:
System
administrator privilege
settings