SIEM, Log Management, Security, Compliance, Server Monitoring and Uptime Monitoring Software
Table of Contents

Security Settings

In this Topic

Role-Based Access Control Policies (RBAC)

Out-of-the-box Server Manager limits all access to domain and local administrator accounts. Server Manager enables you to override this default behavior and add roll based permissions in the following ways:

  • Remove administrator access from any domain or local administrator accounts or from the entire administrators group.
  • Provide administrator access to non-administrator accounts.
  • Provide read-only access to any user account or group.

To Remove Administrator Access

From the Root Access Assignment control group:

  • Use the Windows groups drop-down to enter the Windows Groups you would like to allow full access to.
  • Use the Windows users and accounts drop-down to enter the Windows user accounts you would like to allow full access to.

From the Administrator Access Assignment control group:

  • Use the Windows groups drop-down to remove the Administrators group.
  • Use the Windows users and accounts drop-down to remove any assigned administrator accounts.
Important
When removing administrator access, you must assign either an account or a group to Root. Once removed, only root accounts will be able to modify these security settings.

To Provide Administrator Access to Non-Administrator Accounts

From the Administrator Access Assignment control group:

  • Use the Windows groups drop-down to enter the Windows Groups you would like to allow full access to.
  • Use the Windows users and accounts drop-down to enter the Windows user accounts you would like to allow full access to.

To Provide Read-Only Access to Any Account or Group

From the Read-Only Access Assignment control group.

  • Use the Windows groups drop-down to enter the Windows Groups you would like to allow read-only access to.
  • Use the Windows users and accounts drop-down to enter the Windows user accounts you would like to allow read-only access to.

To Enable Smart Card MFA

From the Options control group:

  • Use the Enable Smart Card MFA checkbox to require Smart Card Multi-Factor Authentication.
Important
If this software is deployed to a DoD classified system, this option implements STIG Vul ID: V-222523 - V-222526.

To Set the Maximum Number of Logon Sessions Per User

From the Options control group:

  • Use the Limit the number of logon sessions per user checkbox to enable the maximum number of logon sessions per user.
  • Use the Maximum number of logon sessions per user drop-down to set the maximum number of logon sessions per user.
Important
If this software is deployed to a DoD classified system, this option implements STIG Vul ID: V-222387. The maximum number of concurrent sessions should be defined based upon mission needs and the operational environment for each system.

To Display the Last Logged On Time and Date

From the Options control group:

  • Use the Display the time and date of the user's last successful logon checkbox to display the last time the user logged into the Management Server.
Important
If this software is deployed to a DoD classified system, this option implements STIG Vul ID: V-222437.

To Save and Apply Your Changes

  • Click OK.
  • From the menu bar, select Service | Restart Service.

To Reset the Security Options Back to Default

  • Delete the following file:
    C:\ProgramData\Corner Bowl\Server Manager\server.json
  • From the menu bar, select Service | Restart Service.

Related Topics

Options

Server Configuration