Managing Console Users

Console users are specific to the Device Initialization Console.

Note:

Do NOT attempt to create Initialization Console users until you have created device repositories and initialized some devices. Otherwise, you will not be able to define the rights of your Console users properly or assign them authentication devices.
You can change the initial Console Administrator to use an authentication device rather than a static password to log on, but it is recommended that you keep this Administrator with a static password logon in case you lose or break your device.
Keep this Administrator’s ID and password in a safe place where no one can access it unless there is an emergency.

The following table describes the different types of users and their rights.

Types of Users and Rights
User	Rights
Administrator	Full rights to all functionality. In addition, they are the only users who can access the following Console functionality: Manage and sign initialization profiles Create Console users Modify Console users Auditing Services Register encryption keys Unlock a Console Administrator’s device
Device Manager	Initialize devices Export user and device information Import/export credentials Create repositories and set default repositories (an Administrator might limit a Device Manager’s access to a particular repository, but the Device Manager can then create sub-folders within that repository).
Audit Manager	View the Audit log. Note: Does not have access to other functions.

For further information about the different types of users and their rights, see Device Initialization Console.

Topics in this section: