Administrators

Administrators, each with a different set of roles, can be registered. The “Administrator” page shows a list of all the registered administrators. A new administrator can be added by clicking Add admin on the left-hand side menu.

Roles

An administrator can have the following roles:

ROLE_LOGIN
ROLE_ADMIN
ROLE_USER_MANAGER
ROLE_DOMAIN_MANAGER
ROLE_GLOBAL_MANAGER
ROLE_TEMPLATE_MANAGER
ROLE_PKI_MANAGER
ROLE_QUEUE_MANAGER
ROLE_LOG_MANAGER
ROLE_PORTAL_MANAGER
ROLE_AUTHORIZED_RECIPIENTS

ROLE_LOGIN: This is a required role. An administrator with ROLE_LOGIN is allowed to login.
ROLE_ADMIN: This role is similar to having all roles (i.e., an administrator with ROLE_ADMIN is allowed to do anything).
ROLE_USER_MANAGER: An administrator with this role is allowed to add, delete and edit users.
ROLE_DOMAIN_MANAGER: An administrator with this role is allowed to add, delete and edit domains.
ROLE_GLOBAL_MANAGER: An administrator with this role is allowed to edit the global preferences.
ROLE_TEMPLATE_MANAGER: An administrator with this role is allowed to edit templates.
ROLE_PKI_MANAGER: An administrator with this role is allowed to import certificates, delete certificates, import keys, download keys, import CRLs, delete CRLs, update CRL store and manage the CA.
ROLE_QUEUE_MANAGER: An administrator with this role is allowed to manage the queues (with the exception of the quarantine queue).
ROLE_LOG_MANAGER: An administrator with this role is allowed to view the log files.
ROLE_PORTAL_MANAGER: An administrator with this role is allowed to manage the portal settings.
ROLE_AUTHORIZED_RECIPIENTS: An administrator with this role is allowed to manage the list of authorized recipients.