As User is anyone that needs access to either the Web Interface or Client Boot Image.

I. New


The name the user will login with



There are two types of Memberships.  Administrators and Users.  Administrators have complete control over the system and cannot be controlled by ACL’s.  Users have as much power as you want to give them using ACL’s.  By default a new user only has search permissions, and cannot really do anything until more permissions are applied.


Email (Optional)

If Email notifications are enabled in Admin -> Email, you can set the user’s email here.


Security Token

This is essentially the api key that is returned when logging in to the client boot image.  It is used to Authorize calls to the client service.  If you feel that a user’s token is ever compromised you can generate a new one.



The last 4 check boxes set the type of email notifications you want that user to receive.


II. Search

The search screen is the default view when you select Users. It displays all of the users that have been added to the database. The search bar implies a wildcard before and after the string you enter. Leave it blank for all users. You can also use this view to delete multiple users as well as view additional options for an individual user.

III. View

The view screen presents an additional set of options for the user you selected.


Allows you to modify the fields that were set when you added the user.


Access Control -> General

Here you can set specific permissions for a user.  I think they are mostly self explanatory.  You’ll notice the smart group permission does not have a box for read, delete, or search.  They are inherited from Group permission.  Administrators do not use ACL’s.  If you are not using Group Based Computer Management or Image Management, then these permissions are globally applied for this user to all computer, groups, and images.


Access Control -> Group Based Computer Management

If you want to limit a user to only have control over specific groups and computers this is where you do it.  Anytime you have checked at least one group, this feature is enabled, otherwise it is disabled.  The permissions for these groups and computers are still controlled by the ACL’s page.  For example, if checked the box for a group named mytest group, this user would have any permission that was set on the ACL’s page for this group and all computers in the group.  Any other groups or computers the user would not have any permissions for.


Access Control -> Image Management

This is mostly the same as Group Based Computer Management but applied to images.

in Web Interface