Host-Group Management Rights

Each admin group has a list of host-group-specific rights that the members of the group have. The permissions are represented as a table with one column for each of the views and one column for the access rights. See Figure 4.5. Each row in the table adds to the permissions of the group. An empty table means that the group has no host-group-specific permissions.

Editing host-group management rights

Figure 4.5. Editing host-group management rights

On a row, a host group can be selected for each view, or any can be selected to apply the access rights to all host groups. If a host group different from any is selected, the access rights in the Access rights column apply only to hosts that are in the specified host group.


The Assign configurations access right can be set for groups only in the fixed host view Configuration. However, the Deploy configurations access right can be set for group combinations, for example the Workstation group in the fixed Configuration view and the Windows group in the OS view.

Tectia Manager has the following access right sets:

Table 4.1. Access rights

Rights sets /

Allowed actions

Approve host changesAssign configurationsDeploy configurationsFull rightsManage certificatesManage softwareView only
Approve host changesx  x   
Assign configurations x x   
Deploy configurations  xx   
Manage certificates   xx  
Manage software   x x 
View hostxxxxxxx