Popular searches:GDPR, ESG 5 migration guide, "How to configure Libraesva ESG for Microsoft 365"

User types and Permissions

746 views 1 November 6, 2023 Updated on November 7, 2023 sal

Print to PDF

The role is one of most important characteristic of an user in ESG as defines how wide the administration access to the appliance is. Higher role means wider access, but implies higher responsibility.

To manage users you can read the User Management documentation page.
In this knowledge base are explained what is the goal of each role and what permissions the user can have with each role.

Administrator

Administrators have the full access to the appliance, they can edit all the appliance settings, see all the email traffic going through the appliance.
This is the only account that can add other users of any type.
Note: spam scores settings for the “admin” user will be used as default spam scores levels for the appliance and will be inherited from all users without any custom explicit setting.

The permissions of an Administrator are Release, manage the Welcomelist and manage the Blacklist.

Quarantine Administrator

Quarantine Administrators are Read-Only Administrators that can manage the quarantine and release messages, but cannot make configuration changes.
Note: Quarantine Administrators can see all the email traffic going through the appliance.

The only permission of a Quarantine Administrator is to Release messages.

Read-Only Administrator

Read-Only Administrators can see any kind of information on the appliance, but cannot make configuration changes.
Note: Read-Only Administrators can see all the email traffic going through the appliance.

When the admin creates a Read-Only Administrator he can set its permissions to:

  • Mark for Release (the user can send quarantine release requests to the admin)
  • No actions (the user can’t perform any action)

Domain Admin

Domain Admins can manage all the settings and see all the email traffic for its domain. It can manage spam, welcome/block lists, and run reports for all users that belong to their domain. This account can override the “admin” user default spam scores levels for its domain.

To assign a domain to a Domain Admin, please see the User Management documentation page.

Note: the Domain Admin can also set a Privacy Password for its domain if this configuration was enabled in the System Preferences page.

The permissions of a Domain Admin are Release, manage the Welcomelist and manage the Blacklist for its domain.

Quarantine Domain Admin

Quarantine Domain Admins are Read-Only Administrators that can manage the quarantine for their domain and release messages, but cannot make configuration changes.

The only permission of a Quarantine Domain Admin is to Release messages for its domain.

Read-Only Domain Admin

Read-Only Domain Admin can see any kind of its domain related information on the appliance, but cannot make configuration changes.
Note: Read-Only Domain Admin can see all the email traffic going through the appliance for its domain.

When the admin creates a Read-Only Domain Admin he can set its permissions to:

  • Mark for Release (the user can send quarantine release requests for its domain to the domain admin)
  • No actions (the user can’t perform any action)

User

Users can access their messages, manage their quarantine and edit their own welcome/block lists.
Each user can schedule its quarantine digest report delivery and set its spam scores overriding the Domain Admin ones.

When the admin creates a User he can set its permissions to:

  • Release, Welcomelist, Blocklist (the user can Release its messages or manage its Welcomelist/Blocklist)
  • Release (the user can Release its messages)
  • Mark for Release (the user can send quarantine release requests for its domain to the domain admin)
  • No actions (the user can’t perform any action)

Functional User

Functional Users can only be created automatically by the import process for Microsoft 365, Google Workspace, or LDAP and represent Shared Mailboxes or Groups that are not bound to any users. Functional users cannot log into ESG and have limited quarantine capabilities.

The functional users can have this permissions:

  • Release, Welcomelist, Blocklist (the user can Release its messages or manage its Welcomelist/Blocklist)
  • Release (the user can Release its messages)
  • Mark for Release (the user can send quarantine release requests for its domain to the domain admin)
  • No actions (the user can’t perform any action)

 

Tags:

Was this helpful?

 
Related Articles

Didn't find your answer? Contact Us

  

  

Popular searches:GDPR, ESG 5 migration guide, "How to configure Libraesva ESG for Microsoft 365"