HP Web Jetadmin - Security and HP Web Jetadmin
3
using the Run As… feature (which is accessed through Internet Explorer > Start and then right-clicking
on Programs).
HP Web Jetadmin administrator role
After installing HP Web Jetadmin, all accounts with membership to the local administrators group also
have HP Web Jetadmin administrative account access to all features and settings of the HP Web
Jetadmin server. Within the client, this account role privilege is referenced as HP Web Jetadmin
Administrator (Read Only). The administrator role is read-only, and cannot be deleted. Any local user,
domain user, or group that is part of the Microsoft local administrator group of the HP Web Jetadmin
server host has full administrator rights to the HP Web Jetadmin server. Additional roles beyond
administrator can be created to define access or privileges to different users, based on their job
functions.
Creating roles
Role creation is performed by launching the
Create Role tool from Application Management
> User Security > Roles from the navigation tree
and selecting New (see Figure 1).
First, select the restriction type None for global
permission choices that apply to all parts of the
application.
The Groups restriction type provides permission
choices that are specific to device groups.
Groups permissions are discussed in “Device
group restriction type” on page 5.
After the restriction type is selected, the
permission settings can be defined (see
Figure 1). Use the checkboxes to enable or
disable access to application features. For
example, you can allow access to device
features for a group working within helpdesk
operations. These permissions can allow viewing device status and information, but not allow device
configuration.
After specific permission settings are configured, click Next to assign the Role Name. Once role
settings are complete, a Confirm screen displays the selected settings. Next, the Results screen shows
the role as it was just created and has a checkbox that enables Assign to users now (this is checked
by default). Any role can be edited to have its name and/or permissions changed. Changes to
Restriction type are not allowed after the role has been created.
Existing roles can be edited to have their permissions changed. Roles can also be removed and the
deletion of a role is immediate to all connected clients. To access existing roles, go to Application
Management > User Security > Roles from the navigation tree.
User/role assignment
Custom roles, and the HP Web Jetadmin Administrator role, can have one or more user assignments.
Assign users and roles with Windows users or user groups. These users or user groups can be based
in either the local system or on the Windows domain.
HP Web Jetadmin servers joined to a Windows domain exist in the list of domain member computers.
Users logging onto the computers are members of the domain. These users, as well as user groups to
which they may belong, can be assigned to HP Web Jetadmin roles. Once these assignments are
made, users have access to the features defined within role permissions settings.
Figure 1—Role permissions