Administration Domains allow you to organize devices into separate domains and delegate their management to Domain Administrators.
Service Providers typically use this feature to restrict the scope of administrators to a subset of network devices.
Domains are only available with an Enterprise license.
Managing Domains
The Domain Management page allows you to create, modify, and delete Administration Domains. This page is only displayed if you are logged in as a Global Administrator.
Click Administration > Domains on the menu to display the domain list:
To add a new domain:
-
Click New Domain page appears:
. The
-
Complete the following details:
Name
Enter a name for the domain (e.g., Customer Name, Business Unit, etc.).
Contact (optional)
Enter the name of the main contact for the domain.
Telephone (optional)
Enter a contact telephone number.
Email (optional)
Enter a contact email.
Address (optional)
Enter a customer or Business Unit address.
Notes (optional)
Enter any additional information.
-
Click the Devices tab to use the device selector and add devices to the domain. Additionally, you can configure the following:
-
Max. devices: the maximum permitted number of devices that can be added to this domain.
-
One or more IP address ranges that are allowed for this domain.
-
A domain-wide NAT IP address, which overrides the system-wide setting. For more information, see Network Address Translation (NAT). This setting can be overridden by the device-specific setting.
-
The devices that are part of the new domain.
-
-
Click the Branding tab (optional) to customize the top left-hand side corner image that will be displayed to a Domain Administrator. Click Choose File to locate a suitable image file on your PC. For best results, the logo should be exactly 100 pixels wide and up to 100 pixels tall, and no more than 40KB in size.
Remove Licence Info
Hides the expiration date for users in this domain.
Remove Serial Number
Hides the appliance serial number for users in this domain.
Remove Help Menu
Disables access to help for users in this domain.
-
Click the License tab (optional) to restrict the domain to expire on a certain date. Click Enforce License to enable the function, and choose a date.
Disable Schedule
Stops all scheduled jobs for this domain when a defined date is reached.
Prevent User Login
Disables users of this domain from accessing the appliance when a defined date is reached.
-
Click Save. The system returns to the domain list.
To edit an existing domain, click the name of the domain.
Administrator Roles
If Administration Domains are enabled, administrators have either a global or a domain scope:
Global Users |
Have visibility and can operate on all the devices on the system, regardless of the domain the devices are assigned to. Logs and status pages display information about all the devices defined on the system. Global users can also assign global credentials to a device that is assigned to a domain. |
Domain Users |
Users with at least one domain set. Their visibility is restricted to devices in their own domain(s). Logs and status pages only display information on the devices in the selected domain(s). |
Restorepoint supports six built-in user roles:
Global Admin |
A “Super User” that has full control on any aspect of the appliance: |
|
|
|
|
|
|
|
|
|
|
Global Backup |
Backup Operator; can perform backups/restores of devices in any domain, but cannot modify devices, users, or appliance configuration. |
Global View Only |
Monitor Operator; can only view existing backups and verify that the system is operating normally. |
Domain Admin |
Has full control of devices and users in their domain. Does not have visibility of devices in other domains, cannot modify the appliance configuration, or transition the appliance from lock-down state to normal state. Logs and status screens only display information related to the domain. |
Domain Backup |
Can perform backups/restores of devices in their domain. |
Domain View Only |
Can only view existing backups, access logs, and status information of devices in their domain. |
You can also define custom user roles. For more information, see Custom User Roles.
You can use the Users page to add or delete administrator or modify their password, scope, or permissions.
Adding a New Domain User
To add a new domain user:
-
Select Administration > Users from the menu. Restorepoint displays the User Management page.
-
Click Add User. Restorepoint displays the New User page as shown:
-
Complete the following fields:
Full Name
Enter the full name of the user.
Username
Enter the new username (up to 16 characters).
Password
Enter the password for the new user (passwords must be between 8 and 24 characters long).
Role
Select the privilege level from the drop-down list. See for the privileges associated with each admin level.
-
Click Update. The updated Users page appears:
Privileges |
View Only |
Backup |
Admin |
View devices/configurations |
Y |
Y |
Y |
Run device operations |
N |
Y |
Y |
Add users/devices; modify system |
N |
N |
Y |
Table 4 : Default Administrator privilege levels (simplified)
Encryption Password |
This field appears if an Admin-level administrator is selected. The encryption password must be between 8 and 24 characters long and must be different from the administrator password. |
Domains |
Assign the user to one or more domains to restrict the user’s scope: |
Editing Devices
If Administration Domains are enabled, you can use the Domain drop-down menu in the Edit Device modal to move a device from a domain to another.
The domain selector will only be displayed if you are logged on as a Global Administrator.