NetScaler Gateway has a default administrator user name and password. The default user name and password is nsroot. When you run the Setup Wizard for the first time, you can change the administrator password.
You can create additional administrator accounts and assign each account with different levels of access to NetScaler Gateway. These additional accounts are called delegated administrators. For example, you have one person who is assigned to monitor NetScaler Gateway connections and logs and another person who is responsible for configuring specific settings on NetScaler Gateway. The first administrator has read-only access and the second administrator has limited access to the appliance.
To configure a delegated administrator, you use command policies and system users and groups.
When you are configuring a delegated administrator, the configuration process is:
NetScaler Gateway has a default deny system command policy. Command policies cannot be bound globally. You must bind the policies directly to system administrators (users) or groups. If users and groups do not have an associated command policy, the default deny policy is applied and users cannot execute any commands or configure NetScaler Gateway.
You can configure custom command policies to define a greater level of detail for user rights assignments. For example, you can give one person the ability to add session policies to NetScaler Gateway, but not allow the user to perform any other configuration.