Creating Login Accounts in the Console

The following instructions are for creating individual login accounts through the console interface.

If you want to use existing Active Directory accounts for Console access, see Enabling Console Access via AD Accounts.

Note: Login Accounts are for access to the Carbon Black App Control Console. A login account is not necessary (nor appropriate) for someone whose only relationship to Carbon Black App Control is as a user of a computer that has the Carbon Black App Control Agent installed.

By default, Administrators can create any level of account.
By default, PowerUsers and ReadOnly accounts cannot create new accounts.
Custom user Roles have whatever account-creation privileges are shown for the View login accounts and user roles, Manage login accounts and Manage user roles and mappings settings on their Add/Edit User Role page.

Create a Console Login Account

Use this procedure to create a new console login account.

Procedure

From the console menu, click the Settings (gear) icon and choose Login Accounts.

The Login Accounts page displays.
Click on the Users tab.
On the Login Accounts: Users page, click Add User.
From the Add Login Account page, enter information about the new account in the categories shown in Login User Account Details.
After you have filled out the form, click the Add User button at the bottom of the page.

Login User Account Details

The following fields are available for modification for each console login user.

Table 1. Login Account Details Fields
Field	Description
User Name (required)	Name that the user enters to log in to the console. Enter any combination of letters, numbers, or English-keyboard characters fewer than 64 characters in length. User names are not case sensitive. Note: User names should use standard, Latin alphanumeric characters. Symbols and punctuation characters are not allowed. In particular, be aware that user names created in the console cannot contain the “\” or “@” characters. This helps avoid conflicts with AD-based user names using `user@domain` or `domain\user` format. If you attempt to create a user account with an illegal character, the console will display a warning dialog.
Password (required)	Password that authenticates this user. Enter any combination of letters, numbers, or English-keyboard characters fewer than 32 characters in length. Passwords are case sensitive. This field changes to New Password when you are editing existing accounts.
Confirm password (required)	Confirm password. Retyping the password ensures that the password is the one you intended to use.
Email address	Email address for the user.
User Roles	System privileges to be accorded to this user, according to the user’s expected responsibilities. There are four built-in roles. You also can create custom roles with detailed feature-based access control – see Managing Console User Roles for details. The built-in role options are: Administrator PowerUser ReadOnly Administrator (Unified Management) User (Unified Management) See Table: Built-in User Roles and their default capabilities for details.
Salutation	Courtesy or professional title of the user (Mr., Ms., Dr., etc.)
First name	First name of the user.
Last name	Last name of the user.
Title	Job title of the user.
Department	Group within the organization to which this user belongs.
Home phone	The user’s phone number at home.
Cell phone	Primary mobile phone number.
Cell phone #2	Secondary mobile phone number.
Pager	Primary pager number.
Pager #2	Secondary pager number.
Comments	Further descriptive information that the user can change or enter. This can be any text you would like to display as part of the login account.
Admin comments	Further administrative information about the user. This can be any text you would like to display as part of the login account.
Show API Token	If you check this box, an interface is exposed that allows generation of an API Token for the current user account. It is best to create a special user account for this purpose. See API Authentication and Access Control for details.