For permission setting, Admin Accounts are assigned as members to Admin Groups. The Admin groups and permissions are managed on the Manage admin groups and permissions page.
Permissions to perform actions are given to admin groups. Each group has permissions to perform the selected global actions and host-group-specific actions to selected hosts. One admin account can be a member of any number of admin groups.
The permissions are defined as two main types of access-controlled management actions that admins can perform via the Tectia Manager administration interface:
There is one built-in and read-only admin group called Superusers. Members of this group are superusers, and have full rights to do anything. The initial superuser account configured with the initial configuration wizard is automatically added to this group. Members can be added to and removed from the group, but the last member cannot be removed to ensure there is always at least one working superuser account.