Symantec Endpoint Encryption Admin Server Roles and Server Roles Report
search cancel

Symantec Endpoint Encryption Admin Server Roles and Server Roles Report

book

Article ID: 214027

calendar_today

Updated On:

Products

Endpoint Encryption Drive Encryption Desktop Email Encryption Encryption Management Server File Share Encryption Gateway Email Encryption PGP Command Line PGP Key Management Server PGP Key Mgmt Client Access and CLI API PGP SDK

Issue/Introduction

Symantec Endpoint Encryption includes many features to help administrators manage their encrypted environment.  One such feature is the ability to assign various permissions for Symantec Endpoint Encryption roles to include various levels of granularity.   

These roles are assigned in the SEEMS Configuration Manager and this article will go over this process. 


Resolution

To view and assign the Server Roles:

Login to the Windows Server where the SEE Management Server is installed.
Open the SEEMS Configuration Manager.
Click on Server Roles.

The resulting screen will list the available roles you can assign. You can add groups and individual users to assign these roles to.

 

Below is a detailed list of the roles and what they allow the group/users to do:

Server: This permission gives the users access the SEE Management Server, to be able to promote other administrators and assign more roles.

Setup: This allows the permission for an admin to install the SEE Client.

Reports: This allows the users to see the Server Reports.

Policy: This allows the users to administer the SEE Policies.

Helpdesk: This allows the users to see the Help Desk Web Console to obtain recovery keys.

 

*Note*: It is always recommended to give the least amount of privileges to perform duties.  For example, you would not provide someone access to Reports if the only function they will be performing will be Helpdesk.

 

In order to access the Roles Report, login to the SEE Management Server Web Console, and then expand Management Server, then click on "Admin Server Roles":

Once on this page, click on the "Share" icon and then you can save the CSV file for further review.

 

 


The report above will include all the various levels of access that each SEE Administrator has been provided ranging from Helpdesk access for recovery keys, to Server Access where full permissions may be assigned. 

 

Additional Information

162352 - Symantec Endpoint Encryption Help Desk Recovery (Challenge Key Recovery - Connectionless Recovery)

258513 - Symantec Endpoint Encryption Help Desk Recovery (Connected Recovery - SEE Client connected to the SEE Management Server)

 

259042 - How to Reset the Symantec Endpoint Encryption Management Server Password