You can create, edit, and remove roles from the Administration→Roles page. On this page you can also list the members belonging to the selected role and where the role grants access to.
A role consists of:
Rules: LDAP filters for specifying the members of the role.
Permissions: Allow specific management and viewing options.
SSH Options: Allow SSH options.
Contextual Restrictions: Restrict role validity by time and client address.
For more information about granting access to target hosts, see Granting Access to Hosts.
Role changes take effect within 1 - 5 minutes.
Settings pages in the GUI require both
manage- permissions. For example, a PrivX user needs
roles-manage to access Administration→Roles.
Before restricting the Allowed remote addresses, ensure that meaningful user addresses are included in the
X-Forwarded-For header. If the header includes multiple addresses, select one of them by configuring
Updated 10 months ago