Assign Roles to a User or Group

A role policy combines the tasks and devices that make up a role with one or more users who are assigned to those rules. You can use WatchGuard System Manager or WatchGuard Server Center to assign one or more roles to a user or user group. When you assign more than one role to a user or group, that user or group can complete all of the tasks for all devices from both roles.

Assign Roles in WatchGuard System Manager

To add a new role to a user or group, or edit an existing role:

  1. Connect to Your Management Server with WSM.
  2. Select File > Manage Users.
    The Manage Users dialog box appears.
  3. Define a user and click Add.
    Or, select a user from the Users list and click Edit.
    The User Properties dialog box appears.
    For more information, see Define or Remove Users or Groups.
  4. Select the Role Policies tab.

Screen shot of the User Properties dialog box, Role Policies tab

  1. To add a new role, click Add.
    To edit an existing role, select a role from the Role list and click Edit.
    The Role Policy dialog box appears.

Screen shot of the WSM Manage Users Role Policy dialog box

  1. From the Role drop-down list, select an existing role.
    Or, click New to define a custom role.
    For more information, see Define Roles and Role Properties.
  2. From the Devices list, select the check box for each Firebox to include in the role policy.
  3. Click OK.
    The role appears in the list on the Role Policies tab.
  4. Click OK.

To remove a role from a user or group:

  1. In the User Properties dialog box, select a role in the Role list.
  2. Click Remove.
    A confirmation message appears.
  3. Click Yes to delete the role from the Role list.

Assign Roles in WatchGuard Server Center

To add a new role or edit an existing role to a user or group:

  1. In the left navigation bar, select Users.
    The Users page appears.
  2. Select the Users tab.
  3. Click Add.
    The User and Group Properties dialog box appears.
  4. Select the Role Policy tab.
    A list of the roles assigned to the user or group appears. The name of the role or roles appears in the Role column. A comma-delimited list of devices associated with the role appears in the Devices column.

Screen shot of the User and Group Properties dialog box, Role Policy tab

  1. To add a new role policy for the user or group, click Add.
    To edit an existing role policy, select it and click Edit.
    The Role Policy Properties dialog box appears.

Screen shot of the Role Policy Properties dialog box

  1. From the Role drop-down list, select an existing role.
    Or, click New to define a custom role.
    For more information, see Define Roles and Role Properties.
  2. From the Devices list, select the check box for the set of devices and folders to assign to this user and role.
  3. Click OK.

To remove a role from a user or group:

  1. In the User and Group Properties dialog box, from the Role list, select a role.
  2. Click Remove.
    A confirmation message appears.
  3. Click Yes to delete the role from the Role list.

See Also

About Role-Based Administration

About Predefined Roles