Resilio Connect Management Console starting with v2.4. allows to configure access to WebUI for multiple uses each having their own access level as well as unite them in groups and configure granular access to Agents, Groups and Jobs.
Note that the configured access levels also apply to API tokens. API tokens cannot be generated for AD users.
To add a user go to Settings -> Users. Each user must have at least one user role which defines their access level.
The following default user roles are available:
Super Administrator - has full access to all objects in Management Console: agents, jobs, groups, as well as settings, API, logging, backups, schedule, etc. Additionally SuperAdmin can create, edit and remove other users and user groups.
Administrator - has full access as SuperAdmin, but cannot edit other users; can view but cannot make/restore backups (no access to backups at all in Connect v.2.5); no access to API tokens.
Read-only - this user cannot make any changes and has no access to API tokens and contacting support page. This role can be useful for cases when one needs to monitor the activity, performance and detect any failures.
In addition to default user roles, one can create custom user groups. A user can belong to multiple user groups at a time, the user’s access will be the summary of highest access levels to an object. For example, if within one group the user has “View only” access to everything, and within another group the user can “Edit & Run” a job, the actual access to the job will be “Edit & Run”.
Users that belong only to custom groups and have none of default roles don’t have access to Overview tab with overall performance statistics, and only have access to General Settings tab.
The following access levels are be available:
Groups and agents
- “Full access” means that the user will be able to add/create/edit/delete groups and agents.
- “View only” implies that groups and agents tabs are visible, but the user won’t be able to make any changes there.
When creating a user group, you can manage access only to already existing jobs.
- “Create new job” option allows the user to create all types of jobs. Automatically, the user gets “Full access” to this job, and thus can even grant other users access to it (when editing a job on “Settings” step).
- “View only” means that the user cannot make any changes to the job.
- “Run” - user can only manually start a job. Applies to transfer jobs (Consolidation, Distribution and Script jobs).
- “Edit & Run” adds access to editing a job, but cannot delete it.
- “Full access” means that the user will be able to edit/delete a given job as well as manage other groups’ access to it.