Product Documentation

User Accounts and Roles

Dec 21, 2015
You manage user accounts in Device Manager by using the following commands from the User table toolbar or context menu:
  • New user. Add a user account to Device Manager.
  • Update. Edit a user account.
  • Manage. Maintain a user account’s membership in Device Manager groups, subject to certain limitations.
  • Delete. Remove a user account from Device Manager.
  • Import. Read a provisioning file containing user accounts or properties to automatically create user account objects and update their attributes.
To search for a user account, on the Users tab, you use the Search tool. Type a search string into the Search field and then click the search icon.
Note: Searches are not case-sensitive; search results display matching user accounts in a separate table that does not include a "currently selected group" in the Group pane. (That is, no groups are selected.)

User Roles in Device Manager

Device Manager implements four default user roles to logically separate access to system functions, as shown in the following table. The columns represent the roles and the rows represent the system functions.

Citrix recommends that you assign the Support role to Help desk staff who require the ability to implement remote control sessions on mobile devices.

System function Administrator Support Provisioning User

Log into administration console

X

     

Use remote support application

X

X

   

Use device provisioning application

X

 

X

 

Use a mobile device

X

X

X

X

You can use role-based access control (RBAC) to create new user roles with permissions to access specific system functions beyond the functions defined by the default roles as shown in the preceding table. You can create new roles in Device Manager and then select specific features to which you want administrators to access. For example, you may want to create roles for the following purposes:

  • To prevent some administrators from viewing or wiping the devices of specific users.
  • To allow specific users to only run reports.
  • To enable super users to have access to everything, including the ability to create and limit other user roles.

You can view details about users and groups, such as the dates you created and modified a user or group on the Reporting tab.