Agent Manager uses OnePointOp groups and database roles to restrict access to product functionality. These permissions are typically defined at the end of installation with the Agent Manager Access Configuration utility (Access Configuration). The Access Configuration utility is an interface that allows you to control Agent Manager permissions by managing membership in OnePointOp groups.
Access Configuration enforces the use of global or universal domain groups in the OnePointOp groups and creates appropriate database logins. If you need to add a user account, add it to the appropriate domain group you specified with the Access Configuration utility. You can use the Active Directory Users and Computers Administrative Tool to add user accounts to domain groups.
If you need to add an additional domain group, or if you did not specify a domain group at the end of installation, use the Access Configuration utility. For more information about using this utility to modify group memberships, see Section 8.6, Modifying Agent Manager OnePointOp Group Membership.
NOTE:The following Agent Manager functions also require you to use an account that is a member of the local Administrators group:
Installing or upgrading Agent Manager
Uninstalling Agent Manager
Using the Access Configuration utility
Using the Agent Manager Console
Agent Manager provides the following groups to which you can add domain groups during setup.
User accounts in the OnePointOp ConfgAdms group can modify the information that Security Manager collects and can configure all settings in the Agent Manager Console.
The OnePointOp System group is created by the installation process and populated with the specified Agent Manager service account. Modify the membership in the OnePointOp System group only when you change Agent Manager service accounts.