Manage Users & Groups
To manage user access to your Cohesity DataProtect as a Service, we recommend that you add users and groups. Once you create them, your users can start using your Cohesity DataProtect as a Service with their own logins.
Add Users
To add a user:
-
In DataProtect as a Service, navigate to Settings > Access Management and click the Users tab.
-
Click Add User.
Only the user with Admin privileges will be able to add a new user.
-
In the dialog, select Add User and enter:
-
Username. The user's email address.
-
Email Address. The user's email address again.
-
First Name. The user's first name in Cohesity DataProtect as a Service.
-
Last Name. Typically, the domain of your email address.
-
-
Under Roles and Access, assign an appropriate Role to this user. See Roles for more information.
-
Click Save.
The new user receives a welcome email with a link to reset their password, and appears in the list on the Users tab. From there, you can edit or delete the user, or prompt them to reset their password.
Roles
| Roles | Description |
|---|---|
| Cohesity Support Admin | This role allows Cohesity Support to create a Super Admin user for the customer. Only Cohesity Support has access to this role, and it is typically used when the customer has lost access to a Super Admin user due to turnover and other events. |
| Data Security | Data Security users have Self Service Data Protection role privileges and can create DataLock Views and set DataLock expiration dates. |
| High Classified | User who has High classified role can fetch cluster details needed for specific API calls. |
| Operator | Operator users have Viewer role privileges and can run existing Protection Groups and create Recover Tasks. |
| SMB Backup Operator | SMB Backup Operators have privilege to perform SMB backup and SMB restore. |
| Super Admin | Super Admin users have full access to all actions and workflows within the Cohesity Dashboard. They can manage other Super admins and admins. |
| Viewer | Viewer users have read-only access for all workflows within the Cohesity Dashboard. |
| Gaia Admin | Gaia Admin users have Self-Service Gaia role privileges, allowing them to view and manage details and results. |
| Gaia Viewer | Gaia Viewer users have query access and read-only permissions in Gaia. |
Manage Users
To change a user's settings, click the Actions menu (⋮) next to the user and select:
-
Edit. To update their Email Address, First Name, and/or Last Name.
-
Delete. To delete the user from your Cohesity DataProtect as a Service.
-
Reset Password. To send the user an email with a link to reset their password.
Change Password
To change your Cohesity DataProtect as a Service password:
-
In DataProtect as a Service, navigate to Settings > Access Management and click the user to open the User Details page.
-
Click Reset Password and follow the prompts.
Add SSO Users & Groups
If you have added Single Sign-on (SSO) toCohesity DataProtect as a Service, you can add users and groups from your SSO domain for additional user management.
To add SSO users and groups:
-
In DataProtect as a Service, navigate to Settings > Access Management.
- Click Add User on the Users tab.
-
In the dialog, select Add SSO Users & Groups and enter:
-
SSO Domain. The domain you used to add SSO.
-
SSO Users. The users in your SSO domain who need access to Cohesity DataProtect as a Service.
-
SSO Groups. The groups in your SSO domain who need access Cohesity DataProtect as a Service.
-
-
Click Save.
The new SSO users and groups you entered appear in the list on the Users tab. To group them, click the Domain column sort them by your SSO domain.
Click the Actions menu (⋮) next to the SSO user or group to Edit or Delete them.
