ESET Security Management Center Permission Settings

In ESET Security Management Center (ESMC), it is necessary to create a Static Group (you can name it for example "EEI Users"), where security engineers have access and full permission rights.

 

important

Important

For creating the following permission sets, you must use the built-in "Administrator" account that was created during the initial ESMC Server deployment because no other accounts can create these permission sets.

Create new permission sets with the following parameters (for instructions to create permission sets, see the Permission Sets Online Help topic):

 

For EI_SERVER_INSTALLER user, permission set should be:

ESMC_EI_Admin

For Server Tasks & Triggers and Client Tasks, select all subtasks listed under them.

note

Note

The user with this permission set is recommended to be used during the installation process because if there is an error, logs with diagnostics data are created too, that will help to solve the problem better.

Also, this user is recommended for default use, as it also provides data exchange between EI and ESMC.

 

For EI_ADMIN webconsole access user, the permission set should be:

ESMC_EI_Admin_Web

No User Group Access needed.

 

For EI_READ_ONLY webconsole access user, the permission set should be:

ESMC_EI_Read_Only

No User Group Access needed.

Learn more about ESMC Permissions.

important

Important

The Two Factor Authentication (2FA) is not supported yet in EEI, so User with 2FA is not able to Login into EEI Web Console.

 

For the EEI installation process and further automatic syncing between EEI and ESMC,  create the following account (instructions to create a new user in ESMC Web Console):

Name: EI_SERVER

Password: Type in a new password

important

Important

Set Have to change password to No (deselect the check box). If this is not set, a first-time ESMC log in is needed with a request to change the password.

You can also change the Autologout (Min) setting to your desired value (default value is 15 minutes)

Assigned Permission Set: EI_SERVER_INSTALLER

For EI_USER_READONLY accounts use EI_READ_ONLY set.

For login access to EEI Web Console, we recommend that you use the ESMC user account with EI_USER_READONLY permission set depending on the rights you want to grant to it. Alternatively, you can also use account with EI_ADMIN permission set.