Issue
- View or edit functionality permissions within a permission set
- Common tasks and their required permissions
Details
Click to expand
To perform tasks in the ESET PROTECT or ESET PROTECT On-Prem, users must have appropriate functionality permissions. Functionality permissions are part of permission sets and are granted when the permission set is assigned to a user.
Permission sets also determine access rights—that is, which static groups the user can access.
The functionality permissions are defined under Functionality within a permission set. For more information, see Managing Permission Sets or learn how you can create a permission set.
Solution
View or edit functionality permissions within a permission set
-
Click More → Permission Sets. Click the permission set whose functionality permissions you want to view or edit and click Edit.
-
Click Functionality and check the table below Granted Functionality. If needed, modify the functionality permissions and click Finish. For more information, see the description of what actions each permission type allows.
When the permission set is prepared and includes permissions for the required tasks, assign the permission set to the user whom you want to allow to perform the tasks.
Common tasks and their required permissions
Generate a report
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Reports and Dashboard | ✓ | ✓ | ✓ |
| Send Email | ✓ | ||
| Generate Report (under Server Tasks & Triggers) | ✓ | ✓ | ✓ |
| Export report to file* | ✓ |
* Applies to ESET PROTECT On-Prem only (the Save to file option).
Required permissions for each affected object:
| Functionality | Read | Use | Write |
| Groups & Computers | ✓ | ✓ |
Deploy ESET Management Agent using Agent script Installer
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Stored Installers | ✓ | ✓ | ✓ |
Required permissions for the group that contains the modified object:
| Functionality | Read | Use | Write |
| Certificates* | ✓ | ✓ |
* Applies to ESET PROTECT On-Prem only.
Required permissions for each affected object:
| Functionality | Read | Use | Write |
| Groups & Computers | ✓ | ✓ | ✓ |
Deploy the ESET Management Agent and ESET endpoint application together
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Stored Installers | ✓ | ✓ | ✓ |
| Policies | ✓ | ✓ |
Required permissions for the group that contains the modified object
| Functionality | Read | Use | Write |
| Subscriptions | ✓ | ✓ | |
| Certificates* | ✓ | ✓ |
* Applies to ESET PROTECT On-Prem only.
Required permissions for each affected object:
| Functionality | Read | Use | Write |
| Groups & Computers | ✓ | ✓ | ✓ |
Deploy or upgrade ESET business applications
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Client Tasks | ✓ | ✓ | ✓ |
Required permissions for the group that contains the modified object
| Functionality | Read | Use | Write |
| Subscriptions | ✓ | ✓ |
Required permissions for each affected object:
| Functionality | Read | Use | Write |
| Groups & Computers | ✓ | ✓ |
Execute a client task
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Client Tasks (all or only specific tasks) | ✓ | ✓ | ✓ |
Required permissions for each affected object:
| Functionality | Read | Use | Write |
| Groups & Computers | ✓ | ✓ |
Create or edit a policy
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Policies | ✓ | ✓ | ✓ |
Assign a policy to a client device or unassign it
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Policies | ✓ | ✓ |
Required permissions for each affected object:
| Functionality | Read | Use | Write |
| Groups & Computers | ✓ | ✓ |
Request the configuration of an ESET application on a client device
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Export Managed Application Configuration (under Client Tasks) | ✓ | ✓ | ✓ |
Required permissions for each affected object:
| Functionality | Read | Use | Write |
| Groups & Computers | ✓ | ✓ |
Create and generate notifications
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Notifications | ✓ | ✓ | |
| Send Email (to distribute notifications via email) | ✓ | ||
| Send SNMP Trap (to distribute notifications via SNMP Trap)* | ✓ |
* Applies to ESET PROTECT On-Prem only.
Required permissions for each affected object:
| Functionality | Read | Use | Write |
| Groups & Computers | ✓ |
Edit ESET PROTECT Server Settings (ESET PROTECT On-Prem only)
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Server Settings | ✓ | ✓ |
Add or edit users
Required privileges for each affected object:
| User Groups | Read | Use | Write |
| All Groups (or a specific user group) | ✓ | ✓ | ✓ |
Send a file to ESET LiveGuard Advanced for analysis
Required permissions for the home group:
| Functionality | Read | Use | Write |
| Submit executable to ESET LiveGuard (under Client Tasks) | ✓ | ✓ | ✓ |
Required permissions for each affected object:
| User Groups | Read | Use | Write |
| All Groups (or a specific user group) | ✓ | ✓ |
