User & Role Management
The only user that comes pre-configured with HCL Detect is the
admin
user.
admin
user can add additional users, including other administrators,
as well as perform other user management tasks by accessing the
User And Role Management
link located
under the Administration
category in the top navigation bar.The user management screen is shown below:
![../_images/screen_2.png](../images/screen_2.jpg)
The UserAndRoleManagement
page.
In the Users
tab, the various roles that are configured in the system
and the users that exist for each such role are depicted.
To add a new user, the administrator must first decide the role for such a user, for
example, the MarketingAnalyst
role can be selected by picking the
corresponding tab in the User Management
page and by clicking on the
Add New User
link:
![../_images/screen_3.png](../images/screen_3.jpg)
Adding a new user.
Subsequently, the Username
, Email
, First
Name
, Last name
, Display name
and
Password
attributes should be filled out. Finally, the
Save
button can be pressed to store this data.
Once completed, the newly added user should be visible in the user interface:
![../_images/screen_4.png](../images/screen_4.jpg)
A newly added user.
The data for an existing user can be modified and the user itself can be removed by another user with user management entitlement.
The deletion and editing are perfomed using Delete
and
Edit
button under Actions
head of the table:
![](../images/screen_5.jpg)
Removing or updating a user's data.
The Roles
page can be accessed by accessing the Roles
tab in the navigation bar:
![](../images/screen_6.jpg)
The Roles
tab.
The HCL Detect, by default, comes with three default roles: the
Administrator
, the Team Manager
and the
Marketing Analyst
:
- The
Administrator
has unrestricted permissions in HCL Detect. - The
TeamManager
does not have the permissions associated with user and role management, but has all the other permissions. - The
MarketingAnalyst
has permissions that are a notch below aTeam Manager
, excluding, for instance, the ability to edit the feeds.
Roles can be renamed and removed.
The removal of a role can only be accomplished if no user(s) with that role exists. The user interface shows an appropriate error when an attempt is made to delete a role that has user(s) assigned to it:
![](../images/screen_7.jpg)
Renaming and deletion options for a role.
A new role can be created by clicking on the AddNewRole
button located
at the top-right corner.
The resulting popup asks the user to enter the name of the new role and, upon clicking on
the Create
button, the corresponding new role is created.
![../_images/screen_8.png](../images/screen_8.jpg)
Adding a new role.
A new role is created without any permissions. Permissions can then be added to the newly created role by clicking on the corresponding checkboxes:
![](../images/screen_9.jpg)
A newly created role (Event Manager) with View events permissions only.
HCL Detect can be optionally configured to do LDAP based authentication. The
LDAPConfiguration
page can be used to configure the LDAP
Configuration
tab in the navigation bar:
![](../images/screen_34.jpg)
The LDAPConfiguration
tab.
To enable LDAP based authentication, we need to click on
ConfigureAndEnableLDAP
button:
![](../images/screen_35.jpg)
Configuring the LDAPConfiguration
tab.
Subsequently, the ServerType
, Hostname
,
Port
, Base DN
, User DN
,
Group DN
, Search User Name
and Search User
Password
attributes should be filled out. Current two type are servers are
supported, i.e., Free IPA
and Active Directory
.
Finally, the Test And Save
button can be pressed to test the server
setting:
![](../images/screen_36.jpg)
Testing the ServerSettings
.
Press Next
Button to start configuring the User Schema
Settings
tab. Now user Object Class
, User Object
Filter
, Username Attrbute
, User Name RDN
Attribute
, User First Name Attribute
, User
Lastname Attribute
, User Display Name Attribute
,
User Email Attribute
and User Distinguished Name
Attribute
attribute needs to be filled based on your organization's LDAP
configurations:
![](../images/screen_37.jpg)
Configuring the UserSchemaSettings
.
Now Click on TestAndSave
button to test the configuration. Test it by
filling Username
and Password
for any existing LDAP
user and clicking `Test And Save
on the popup display.
![](../images/screen_38.jpg)
Testing the UserSchemaSettings
.