How to modify a Symantec Validation Identity Protection (VIP) administrator permissions
VIP Administrator permissions represent the tasks and functions that an administrator is allowed to perform.
VIP Administrator Group permissions represent the tasks and functions that members of the group are allowed to perform. An administrator automatically inherits the permissions of the group they are assigned to. Additional permissions can be manually granted to members of the group, but permissions assigned to that group cannot be removed from members without first removing them from the group.
To modify a VIP administrator:
|Audit Reports||Show View Audit Reports under the Reports tab. Audit reports contain all actions performed by VIP administrators, VIP APIs, VIP LDAP sync, etc.
|Credential Reports||Show Credential Reports under the Reports tab. Credential reports contain credential, SMS, and voice data (no user data)
|Export to CSV*||Allow data to be exported from VIP Manager. The Export to CSV option is available if selected.
|Customer Credentials||Credential View, Modify, Generate, and Create permissions. The Credentials tab is not available if no permissions are selected.
|End User Management||End-user View, Modify, and Create permission. The Users tab is not available if no permissions are selected.
|Account settings*||Change VIP account policies and security settings for users, credentials, etc.
|VIP Administrator Management*||View, Modify, and Create VIP administrators.
|Certificate Management*||Request, download, and revoke certificates for the VIP service.
|User Group Management*||View and modify VIP User Groups.
|Administrator Group Management*||View and modify VIP Administrator Groups.
*Sensitive permission: recommended for super VIP administrators only.