|
Check your authorization record -- Your authorization record needs the Add Users, Assign Authority, and Assign Peer Authority (optional) privileges:
|
|
|
Add Users -- If the new administrator is not yet a user in the system, you must have full Add Users privileges for the organization where you are adding the new administrator. For more information, see The Message Security Authorization Reference, “All Standard Privileges” chapter’s AddUsers privilege.
|
|
|
Assign Authority -- To create new authorization records for users in your organization and sub-organizations, and to view or edit existing authorization records for users in your organization and sub-organizations, you must have full Assign Authority privileges. For more information, see The Message Security Authorization Reference, “All Standard Privileges” chapter’s Assign Authority privilege.
|
|
|
Assign Peer Authority -- To create a peer administrator record in the same organization as one of your administrator records, you must have the +Modify Assign Peer Authority privilege. For more information, see The Message Security Authorization Reference, “All Standard Privileges” chapter’s Assign Peer Authority privilege.
|
For further information on viewing your authorization record, see Viewing and Editing Authorization Records. If you, as the managing administrator, do not have these privileges, contact your account administrator.
|
|
Create a user -- The new administrator must be an existing user in the system. If the user does not already exist, you must create a new user. For more information about how to add a new user, see Add / Delete / Move Users.
|
|
|
Define the new administrator -- Deciding what type of administrator to create is a critical preliminary step before configuring the new administrator. It is common for one administrator to have several administrative jobs. This administrator’s configuration is a combination of the administrator types described in this chapter. For a chart comparing different administrator types, see Comparing Types of Administrators.
|
|
|
Decide where to place the authorization records -- Once the administrator type is determined, decide what part of your organization hierarchy the new administrator will manage. This is where you assign the administrator’s authorization records. In some instances, an administrator has several records assigned to different organizations. See Types of Administrators.
|
|
|
Create an administrator -- Create the new administrator and configure the authorization record. Follow the instructions in Creating an Administrator. When you are ready to populate the administrator’s authorization record, see Types of Administrators for the recommended privilege settings for each type of administrator.
|
|
|
If needed, customize the authorization record -- Use the detailed reference information for each privilege to customize your administrator’s settings. See The Message Security Authorization Reference, “Message Archiving Privileges”, “All Standard Privileges”, and “Inbound Mail Processing” chapters.
|
Note: An account administrator, with the Assign Peer Authority privilege enabled, can create and change settings for a peer account-level administrator.
|
1.
|
If the user does not already exist, create a user account for the administrator. See Add / Delete / Move Users for more information.
|
|
2.
|
In the Administration Console, go to Orgs and Users > Authorizations.
|
|
4.
|
Click List.
|
|
6.
|
Edit and set the privileges you want to give the administrator. For more information on recommended settings for common administrator types, see Types of Administrators.
|
WARNING: Modifications to the authorization record take effect immediately. Unlike modifying a user or organization, you do not have to click a submit button to save to the authorization record.
|
7.
|
The new administrator receives a temporary password for the Administration Console. You can view this password in the User page for the new administrator. When the administrator logs in for the first time, the administrator is prompted to change the password.
|
|
2.
|
In the Authorizations page, choose an organization from the Choose Org pull-down list, or enter an administrator’s address, and delete the text in the by organization field (if any).
|
|
3.
|
Click List.
|
Note: Administrators who have authorization records in the same organization (peer administrators) can edit each other’s authorization records.
|
5.
|
In an emergency or under special circumstances, an administrator can delete a peer administrator. For example, bchad@corp.jumboinc.com can delete the New York authorization record assigned to abradley@corp.jumboinc.com. Click Delete to delete a peer administrator’s authorization record.
|
|
6.
|
Click Edit profile to display the administrator's authorization record for that organization.
|
|
7.
|
Edit the administrator’s Read or Modify privileges.
|
|
a.
|
With the Read privilege, an administrator can view settings and configurations.
|
|
b.
|
With the Modify privilege, an administrator can edit settings and configurations. For recommended administrator-privilege settings, see recommendations for each type of administrator in Types of Administrators.
|
|
c.
|
If the privilege checkboxes are greyed out, you do not have privileges to edit the administrator’s authentication record. Contact your appropriate support channel.
|
|
d.
|
You have the option of assigning a category of privileges (such as “User Settings”) or a specific privilege within that category (such as “Add Users”). By selecting a category, all privileges in the category are selected. You can then deselect specific privileges if necessary.
|
WARNING: Unlike modifying a user record or organization record, you do not have to click a “Submit” button to enforce changes or additions to the authorization record. Modifications to the authorization record take place immediately. There is no opportunity to cancel changes.
Note: POP Authentication is a legacy feature of the message security service. If you would like to know more, or if you have any questions, please contact Support.
Authenticating users through POP authentication passes unencrypted passwords across the Internet. Because that would introduce a security risk, administrators never authenticate using POP. When you create an administrator in an organization which uses POP authentication, PMP will be used instead.
Authentication by cross-authorization and by PMP is secure, and therefore acceptable for administrator log in. For more information, see User Authentication.
|
|
|
|
|
|
|
|
|
|
|
|
|