Users view in the SEM console

To open the Users view, navigate to Build > Users on the SEM menu bar. Use this view to manage SEM user system accounts.

This topic provides page-level help for the Users view in the SEM console.

Users view main page elements

This section describes the main elements in the Users view.

Name	Description
Refine Results	Filters the Users grid based on your selections.
Users grid	Displays all users associated with each Manager throughout your network.
	Click to add a user or import a user from Active Directory.
User Information for:	Displays information about the user selected in the Users grid. The form is read-only unless you are adding or editing a user.

The Users grid

By default, the Users grid displays all users configured for all Managers monitored by the console. Use the Refine Results form to filter the contents of the grid.

Column	Description
	Click to edit or delete the user account.
Status	The user login status. Indicates if the user is currently logged in to the console. indicates the user is logged in to the console. indicates the user is not logged in to the console.
User/Group Name	The account name used to log in to SEM Manager.
Type	Indicates if the user account is a local SEM user account, or a Directory Service (DS) account that is synchronized with Active Directory.
First Name	The user's first name.
Last Name	The user's last name.
SEM Role	The SEM role type assigned to the user. There are six role types: Administrator, Auditor, Monitor, Contact, Guest, and Reports.
Description	A brief description of the user’s job function or responsibility.
Manager	The SEM Manager where the user account is located.
Last Login	Timestamp showing the time and date that the user last logged in to the system.

The Refine Results form

By default, the Users grid shows all users across all SEM Managers. Use the Refine Results sidebar to limit the number of users displayed in the grid.

Field	Description
Reset	Click to return the grid and the form to their default settings.
Manager	Select a SEM Manager instance to view only the user accounts located on the selected instance.
SEM Role	Select a role type to view only users that match that role type. By default, the grid displays results for all SEM role types.
Last Login Date Range	Enter a start date and end date to view users who last logged in during the specified date range.

The User Information for form

Field	Description
User Name	Enter a user account name. You cannot use admin_role, audit_role, or reports_role for the user name.
First Name	Enter the user's first name.
Last Name	Enter the user's last name.
Password	Enter a user password to access the Manager. This can be an initial system password or a temporary password that is assigned to replace a forgotten password. If you are creating a Contact user, a password is not required. If the Must Meet Complexity Requirements check box is selected in the Manage > Appliance > Properties > Settings tab, the console enforces the following policy: Passwords must have a minimum of six characters. Spaces are not allowed. Passwords must have two of the following three attributes: at least one special character, at least one number, and a mix of lowercase and uppercase letters.
Confirm Password	Enter the password again.
SEM Role	Select a SEM role for this user. Administrator - Has full access to the system, and can view and modify everything. Auditor has extensive view rights to the system, but cannot modify anything other than their own filters. Monitor - Can access the console, cannot view or modify anything, and must be provided a set of filters. See "Specify the filters that users assigned the Monitor role can use in the SEM console" on page 129 for steps. Contact - Cannot access the console, but can receive external notification. Guest - Has extensive view rights to the system, but cannot modify anything other than their own filters. Reports - Cannot log in to the SEM console, but can log in to the SEM reports application. This role can access the SEM database over a secure channel if TLS encryption is enabled. See "Enable transport layer security (TLS) in the SEM reports application" on page 78 for details
View Role	Click to open the role privileges assigned to the new user. Role privileges cannot be changed.
Description	Type a brief description (up to 50 characters). For example, provide the user title, position, or area of responsibility.
Contact Information	Enter an email address. SEM Manager notifies users by email about network security events. You can add as many email addresses as required. To add the address to the Contact Information box, type an email address, and then click . Use the following format: username@example.com To send a test email to the email address, click Save, and then click . Verify that the user received the email test message Repeat these steps to add additional email addresses.

The Privileges screen

The Privileges screen provides details about the access, modify, and audit rights that are granted to each SEM role type. This information is read-only and cannot be changed. See also Add SEM users