I'm confused about user accounts.
I've got the 'master' user account I initially created. That 'user' shows up in both the "Users" and "Administrators" tabs, and I can assign that user account to systems in the RMM.
Then I've got 'users' who are just on the users tab. I can assign those to systems in the RMM too.
The I've created a 2nd administrator account. That account just appears on the administrators tab. And I can't assign it to systems in the RMM. I gather this is the expected behavior.
Questions:
1) Is the original 'master' account just "special" in that it is both a user AND an administrator? I think perhaps this is the biggest confusion for me -- whether this duality is unique just to the master account.
2) Can other user accounts ALSO be administrators? Or administrators be users? And if so how is that done? Can users be promoted to administrators or administrators demoted to just users?
(e.g. if i were to give a company's IT person an administrator account for just their company, would they also be able to use that as a "user" account for the company's servers? Or would they need two separate accounts, one "User" account to assign systems to, and one "Administrator" account to use the RMM/dashboard.
3) I originally created the managed account in my role as a contractor for another company so I created that company as a "company"; and they have users, etc. That all works. However, I'd also decided to use this myself, both for testing things before deploying to them, and for my own backups. So I created a 2nd company for my own systems.
However the user assigned to my systems is the original master user. And that user doesn't belong to a company, and can't "belong" to a company. So although I've setup a 'company' for my own systems it doesn't have anything in it, and my systems are just sitting in the "All" list.
I gather the correct path forward to neatly group my own systems into my own company, is to create another user set to my company. And then change the systems to using that company user account. Is that right?
4) Is it generally considered a best practice NOT to assign the master account to individual systems?
, hi there!
1. Yes, 'master', or we call it root administrator is a unique entity that is an administrator and a user at the same time. This was made for simplicity for our smaller MSPs that don't need that complexity (and flexibility) and they're fine just with 1 user. And not to force them to create one, we have extended the root admin to users.
2. No. These are different types of entities, users are technical accounts for authenticating computers and administrators are for managing everything on the portal.
According to your example, they would need 2 accounts, user's and administrator's account.
3. That's correct.
4. Yes, it's NOT a best practice. There's always a seek for balance when you pick between convenience and security.
All the above is how it's implemented currently, I will talk to the team and provide your use case in order to discuss how to improve it.