C4. Depended Permissions Sections

The list of administrative rights and their features

Code

Permission

Description

Control Center section

Manage groups of stations

 

1*

View groups of stations properties

The list of user groups which administrator sees in the anti-virus network. All system groups are also displayed in the anti-virus network tree, but only stations from the specified group list are available inside.

Anti-virus Network

Anti-virus Network → General → Properties

2*

Edit groups of stations properties

The list of user groups, properties of which administrator can edit.

Must contain groups from the list of permission 1.

3

View groups of stations configuration

The list of user groups, configuration of which is available to view by administrator. Also, administrator is permitted to view configuration of stations, for which the groups from the list are primary.

Must contain groups from the list of permission 1.

Anti-virus Network

Anti-virus Network → General → Running components

Anti-virus Network → General → Quarantine

Pages from the Configuration section

4

Edit groups of stations configuration

Same as permission 3, but editing is permitted.

Must contain groups from the list of permission 3.

5

View stations properties

The list of user groups that are primary for stations properties of which administrator is permitted to view.

Must contain groups from the list of permission 1.

Anti-virus Network

Anti-virus Network → General → Properties

6

Edit stations properties

Including ACL, blocking, access, etc.

Same as permission 5, but editing is permitted.

Must contain groups from the list of permission 5.

8*

Move stations into groups and remove stations from groups

The list of user groups.

Must contain groups from the list of permission 1.

Anti-virus Network

9

Delete stations

The list of user groups that are primary for stations  which administrator can delete.

Must contain groups from the list of permission 1.

10

Remote Agent installation and deinstallation

The list of user groups, for stations of which administrator is permitted to run remote installation of Agents with selected ID. These groups must be a primary for installing stations.

Must contain groups from the list of permission 1.

Menu item is not displayed if there are forbidden objects.

Network installation is available from the /esuite/network/index.ds only in if 16 permission is allowed.

11

Merge stations

The list of user groups stations of which can be merged. These groups must be a primary for stations. The icon to merge stations is available on the toolbar.

Must contain groups from the list of permission 1.

12*

View statistic tables

The list of user groups statistics of which can be viewed by administrator.

The permission allows to create a task in the Server schedule to receive periodically reports. The ist of user groups which administrator can be specify in the task is set (groups for stations of which the reports will be received). If Everyone is set, reports will be received for all groups from the list.

Must contain groups from the list of permission 1.

Anti-virus Network

pages from the Statistics section

23

Edit licensing

The list of user groups for which administrator can add/change/remove a license key. These groups must be a primary for the stations.

Must contain groups from the list of permission 1.

 

Manage administrators

 

25

Create administrators, administrative groups

The corresponding icon in the toolbar is hidden either.

Administration → Configuration → Administrators

26

Edit administrators accounts

Administrator from the Newbies group sees only a tree of administrators, the root node of which is a group of this administrator, i.e. sees administrators from the own group and its subgroups. Administrator from the Administrators group sees all other administrators not depending on their groups.

Administrator can edit administrative accounts from the specified groups. At this, the corresponding icon in the toolbar become available.

27

Delete administrators accounts

Same as permission 26.

28

View properties and configuration of administrative groups

Including administrators in groups and subgroups.

Administrator is able to select only from a subgroup of own parent group.

39

Display the “Newbies” administrative group

Allow administrator to view the pre-installed Newbies group in the administrators tree.

If administrator has not got permissions for viewing the group Newbies, and administrator is in this group, then administrator will see only own account.

29

Edit properties and configuration of administrative groups

Including administrators in groups and subgroups.

Administrator is able to select only from a subgroup of own parent group.

If this permission is denied, even if permission 26 is allowed for this groups, administrator will not be able to disable inheritance or increase permissions to administrator in the group.

Additional

 

7

Create stations

At station creation, only the list of groups with permission 8 is available (group to which stations are placed, must have the 8 permission).

At station creation, one of available user groups must become primary.

Anti-virus Network

13

View audit

Audit is available for full-rights administrator and for objects with permission 4.

Administration → Statistics → Audit log

16

Run Network scanner

If the permission is denied, the network installation for the /esuite/network/index.ds is not available.

Anti-virus Network

Administration → Network scanner

17

Approve newbies

The groups list from permission 8 is available.

This permission cannot be granted if an administrator is allowed to manage only several groups but not all anti-virus network objects. I.e., for the permission 1 (View groups of stations properties) the set of groups is specified.

Anti-virus Network

18

View Server schedule

The Tasks execution log table viewing.

If the 12 and 18 permissions are forbidden, the view of the Server schedule page is forbidden.

If the 12 permission is allowed but the 18 is forbidden, when viewing statistics schedule is available.

The task for sending reports for respective administrator is displayed depending on the presence of the 12 permission and Periodic report, notification even if the 18 permission is forbidden.

Administration → Configuration → Dr.Web Server Task Scheduler

Administration → Statistics → Task execution log

19

Edit Server schedule

 

Administration → Configuration → Dr.Web Server Task Scheduler

20

View Server configuration and repository configuration

 

Administration → Configuration → Web server configuration

Administration → Repository → Repository state

Administration → Repository → Delayed updates

Administration → Repository → General repository configuration

Administration → Repository → Detailed repository configuration

Administration → Repository → Repository content

Administration → Logs → Log of repository updates

Administration → Configuration → User hooks

Administration → Dr.Web Server → Versions list

21

Edit Server configuration and repository configuration

 

22

View license information

 

Administration → Administration → License Manager

24

Edit notifications configuration

 

Administration → Notifications → Notifications configuration

Administration → Notifications → Unsent notifications

Administration → Notifications → Web console notifications

30

Operation via XML API

 

-

31

View neighborhood connections

 

Neighbors

32

Edit neighborhood connections

 

Neighbors

33

Use additional features

Limits assess to all subsections of Additional features section except the Utilities subsection which is always available.

Administration → Additional features

34

Update repository

Update Server repository from GUS.

The Update repository button in the Repository state section

42

Edit own settings

Permission to edit settings of own administrative account

Administration → Configuration → Administrators

* Permissions 1, 2, 8, 12 are defined for station by the list of groups into which it is included but not by a primary group of the station.

If a station is included into the group and for the group some of this permissions are granted, when administrator will have access to the functions corresponding to these permissions not depending on whether the group is primary for the station or not. At this, granting is in priority: if a station is included into both granted and denied groups, administrator will have access to the functions corresponding to the permissions of granted group.