This topic explains which credentials can be used to access Miradore Management Suite, and how the user credentials and user permissions are managed in Miradore.
Miradore supports three different authentication methods which are described on the following table.
Supported authentication methods
Authentication method |
Description |
Miradore authentication |
Miradore authentication allows users to login to Miradore using their Miradore accounts. Miradore accounts can be created in the User accounts view, from the MSP Console, or through the self-service user account creation function. The self-service user account creation function can be enabled/disabled from the Miradore System settings. |
Active Directory authentication |
Active Directory authentication allows users to log in to Miradore using their accounts in Active Directory domain. In order to use Active Directory authentication, the AD users and groups must be added to Miradore user groups. For more information, see User management use cases. |
Local Windows accounts authentication |
Local Windows accounts authentication allows users to log in to Miradore using their local Windows accounts on the Miradore server. In order to use local Windows accounts authentication, the local users and groups must be added to Miradore user groups. For more information, see User management use cases. |
User permissions are primarily granted to user accounts (or groups) by adding them as members into the Miradore user groups. Group members inherit permissions from the parent group.
For example, if you want to give administrators privileges to a user, add the user to Administrators group or to some subgroup of the Administrators group. If a user is a member of multiple groups, the user has all permissions granted by his/her group memberships.
For example, if group A is a member of group B and the group B is a member of group C, then the group A members inherit all permissions from the groups B and C.
Default user permissions can be customized using item permissions. With the item permissions, it is possible to limit or expand the user default access to asset configuration items. For more information, read Customization of user permissions.
Operators, Helpdesk operators, Readers, and Network operators user groups have read access to all asset configuration items in Miradore by default. If needed, you can use the item permissions to limit their read access to certain assets only, or to give them a write access too . The write access also enables to perform operations, such as package installations.
Item permissions do not have an effect to the following permissions:
Miradore administrators always have full read and write permissions to all configuration items in Miradore Management suite.
Administrators always have access to user information in Miradore Management Suite, but other users' access can be blocked by adding the users as members of "Deny user listing" user group. The members of "Deny user listing" group cannot open Users view or User item form.
If a user doesn’t belong to any user group, then the user cannot login to Miradore Management Suite.
See also
System permissions by user roles
Miradore password policy management
Account lockout policy settings
How to request a user to change password at next logon