The User Roles option helps you to view and manage all the admin role types available with Seqrite Enterprise Mobility Management. You can use assign the Admin Role type to a normal user by making the user an Administrator to manage the Seqrite Enterprise Mobility Management console. You can assign or remove Admin roles whenever required.
By default, there are five Admin roles (Administrator types): Super Admin, Admin, Help Desk and Read Only. You can edit the Admin roles and privileges for all roles except the Super Admin role. You can create new Administrator roles and assign privileges as required.
Super Admin
The Super Admin role is the main administrator created at the time of Seqrite Enterprise Mobility Management company creation. For the entire Seqrite Enterprise Mobility Management console, a single Super Admin is assigned. The Super Admin can create multiple Admins with administrator role. The Super Admin has all the privileges such as read, create, update, delete, assign/unassign, approve/disapprove, and perform basic, advance, and critical actions, for all the modules of Seqrite Enterprise Mobility Management. The Super Admin also has the privilege to set up services such as APNS, Agent upgrade, Agent preference etc. and also can customize the reports as per requirement.
Assigning Super Admin role to an Admin
In many instances, the Admin may be responsible to perform all or similar activities of Super Admin. With Seqrite Enterprise Mobility Management, the Super Admin can assign any Admin, a Super Admin privilege. This functionality helps to allocate and utilize the resources effectively.
When an Admin is assigned a Super Admin role, the Admin gets the privilege to make changes to all the Setup Services settings. Thus, such Admin can view the Settings option on Seqrite Enterprise Mobility Management console and perform all the Super Admin responsibilities.
Admin
The Admin can create multiple Administrators with restricted or complete access to the Seqrite Enterprise Mobility Management console.
Help Desk
The Help Desk role type has all the privileges except the delete privilege. The Help Desk role does not have any privilege to create, update, assign/unassign, and delete admin role. Also, cannot upgrade or renew the license.
Read Only
The Read Only role type has Read-Only privileges, with restricted visibility of Seqrite Enterprise Mobility Management console. The Read Only role can export the data and view the privileges but cannot assign any privileges to the user.
Privileges
The table below helps you to understand the privileges assigned to the Admin role. These are the default privileges with the following indications:
: User has the permission 
: User does not have the permission
| Privileges | Entity/Admin Roles | |||
|---|---|---|---|---|
| Read Only | Help Desk | Admin | Super | |
| User | ||||
| Read | |
|
|
|
| Create | |
|
|
|
| Update | |
|
|
|
| Delete | |
|
|
|
| Send enrollment request | |
|
|
|
| Admin Role | ||||
| Read | |
|
|
|
| Create | |
|
|
|
| Update | |
|
|
|
| Delete | |
|
|
|
| Assign/Unassign | |
|
|
|
| Device | ||||
| Read | |
|
|
|
| Create | |
|
|
|
| Update | |
|
|
|
| Delete | |
|
|
|
| Assign/Unassign | |
|
|
|
| Approve/Disapprove | |
|
|
|
| Basic Action (Ring/locate/trace/scan/sync) | |
|
|
|
| Advanced Action (wipe/lock/unlock/uninstall/Push policy or configuration) | |
|
|
|
| Critical Action (Wipe/uninstall/disconnect/exit launcher) | |
|
|
|
| Group | ||||
| Read | |
|
|
|
| Create | |
|
|
|
| Update | |
|
|
|
| Delete | |
|
|
|
| Assign/Unassign | |
|
|
|
| Policy | ||||
| Read | |
|
|
|
| Create | |
|
|
|
| Update | |
|
|
|
| Delete | |
|
|
|
| Apply/Revoke | |
|
|
|
| Configuration | ||||
| Read | |
|
|
|
| Create | |
|
|
|
| Update | |
|
|
|
| Delete | |
|
|
|
| Apply/Revoke | |
|
|
|
| Export | ||||
| Export | |
|
|
|
| Report | ||||
| Read | |
|
|
|
| Create | |
|
|
|
| Delete | |
|
|
|
| Update | |
|
|
|
| App Control | ||||
| Read | |
|
|
|
| Create | |
|
|
|
| Update | |
|
|
|
| Delete | |
|
|
|
| App Repository | |
|
|
|
| Assign/Unassign | |
|
|
|
| Notification | ||||
| Read | |
|
|
|
| Delete | |
|
|
|
| Workspace Device Actions | ||||
| Basic Actions*(Ring/locate/trace/scan/sync) | |
|
|
|
| Advanced Action**(wipe/lock/unlock/uninstall/Push policy or configuration) | |
|
|
|
| Critical Actions***(Wipe/uninstall/disconnect/exit launcher) | |
|
|
|
| Workspace Policy | ||||
| Create | |
|
|
|
| Update | |
|
|
|
| Delete | |
|
|
|
| Apply/Revoke | |
|
|
|
| Workspace Profile | ||||
| Create | |
|
|
|
| Update | |
|
|
|
| Delete | |
|
|
|
| Apply/Revoke | |
|
|
|
- You can change the privileges as per your requirement or you can assign the default privileges.
Group-wise visibility for Seqrite Enterprise Mobility Management console
With restricted visibility, the Admin gets the privilege to manage only the assigned group and gets access of the devices, users, app configurations and other entities of that particular group.
When such restricted user with Admin role creates a department, then a group is also created automatically with the same department name. Thus, the devices associated with that group are visible and the respective administrator can manage them. If any configuration is applied on the device, then such configuration is also visible to the Administrator.
With restricted console visibility, the Administrator receives only those notifications that are limited to specific group. Only the Super admin can generate the custom reports and other admins can generate and schedule the standard report.
Advanced Search for Admin roles
The Advanced Search option allows you to perform an advanced search for different Admin roles. To search Admin roles with advanced search option, follow these steps:
- Log on to the Seqrite EMM console and in the right upper corner, click the logged on user name > click User Roles > Advanced Search.
- From the Select Created By list, select the desired creator name and click Search. The result gets displayed.
User Management List Page
The User Roles list page displays all the available User roles in Seqrite Enterprise Mobility Management console. The table shows the information about all the User roles.
Take Action options for User roles
The Take Action list appears on the User Roles page when you select single or multiple Admin roles. The available options in the Take Action list are:
- Create Copy: Helps to create a duplicate copy of a single or multiple selected user role.
- Delete: Helps to delete a single or multiple selected user role.
Note:
- You cannot delete the default Admin roles.
- You cannot delete a user assigned to a Admin role. Select the required options and click Submit.