Assign Access Levels to Management Roles

Owned by
Phillip Hanegan
Last updated: Feb 24, 2021
3 min read

EmpowerID Access Levels are collections of "operational capabilities" and/or "native system rights" specific to a particular resource type, such as an account, group or mailbox. When you assign an Access Level to a Management Role, you give anyone assigned membership in the Management Role the ability to perform those operations or tasks against a selected resource. 

Generally speaking, the default Management Roles shipped by EmpowerID contain all the Access Levels sufficient for those roles. Therefore, it is recommended that you only assign Access Levels to the Management Roles you create or clone.

Assign Access Levels to Management Roles

  1. On the navbar, expand Role Management and select Management Roles.

  2. Search for the Management Role to which you want to assign one or more Access Levels and then click the Display Name link for the role.


    This directs you to the View One page for the Management Role. View pages allow you to view and manage the objects to which they pertain.

     

  3. Select the Advanced tab and then select the Access Granted sub-tab.

  4. Expand the Access Granted to Management Role Members accordion and then click the Add button.



    This opens the Grant Actor Access page. You use this page to select and scope the Access Levels you are assigning.

     

  5. In the Which Type of Access panel of the page, do the following:

    1. Assign Direct to Resource or Other Method — Select the type of assignment

      • Direct — Select this option if you want to assign access to a specific resource, such as a single group

      • By Location — Select this option if you want to assign access to all resources in a specific location (and below if the location has child locations), such as all groups in Boston

      • Relative — Select this option if you want to assign access to all resources relative to members of the BRL, such as all groups in a person’s locations

      • Belonging to which group — Select this option if you want to assign access to all users and people who are members of the selected group(s)

      • Belonging to which Management Role — Select this option if you want to assign access to all people who are members of the selected Management Role(s)

      • Belonging to which Query-Based Collection — Select this option if you want to assign access to all objects belonging to the Query-Based Collection

    2. Resource Type — Select the resource type for which you are assigning access, such as Group (Security)

    3. Access Level — Select the Access Level you are assigning, such as Member

  6. In the Where: Select Resources or a Location panel, search for and select the target resource(s) or the target location (for By Location assignments)

  7. In the Why & for How Long? panel, do the following:

    1. Comment or Justification — Enter a comment about the assignment; optional

    2. Access Starts — Click the field and select a start date and time from the calendar; if a start date is not selected, access begins immediately

    3. Access Ends — Click the field and select an end date and time from the calendar; if an end date is not selected, access continues perpetually

    4. Click Add.

  8. Repeat steps 5 through 7 for each assignment you want to make.

  9. When ready to commit your changes, click Submit.