cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
FrankSc
Lansweeper Tech Support
Lansweeper Tech Support

TL;DR-Sweepy-Icon (1).png
Learn about granting users access to your Lansweeper Site by configuring scopes, permissions, and roles.


This page is for Lansweeper Sites (in the cloud). For Lansweeper Classic, see Web console user roles and permissions.

Lansweeper Sites allows you to granularly control which users have access and control over various features and assets in your site.

There are three components that allow you to manage access to your site:

  • Scopes: Scopes, also called asset scopes, control which assets users can view in their inventory.
  • Permissions: Permissions control the features that a user has access to in your site and the actions they can take.
  • Roles: Roles are made up of scopes and permissions that you have assigned to that role.
Check out our YouTube video on Access Management for more information.

On this page:

Configure scopes

Scopes, or asset scopes, allow you to control which assets users can view in their Lansweeper Site Inventory. If no scopes are configured, users can see every asset within their inventory. By adding scopes, you restrict the assets users are able to view.

To configure scopes:

  1. In your Lansweeper Site, go to Configuration > Account management > Asset scopes > Add new asset scope.
  2. Enter a Name for your asset scope that represents your desired scope. Optionally, enter a description.
  3. Under Conditions, select the option Asset type, Asset domain, or IP location from the dropdown.
  4. Select the expression Equal to or Not equal to from the dropdown.
  5. Enter a value.
  6. Optionally, select the plus symbol to add another condition. By default, And is applied. Select And to change the option to Or.
  7. Select Save and exit.

Once your scope is created, you need to add it to a role in order to apply the scope to your desired users.

To view a list of your scopes, go to Configuration > Account management > Asset scopes.

Configure permissions and roles

Roles are made up of permissions and scopes. Permissions control the features that a user has access to and the actions they can take. They are configured within a role. Roles are then added to an account or account group. If no roles and permissions are configured, users will not have access to any element of your Lansweeper Site. By adding permissions and roles to users, you grant users more access to your site.

By default, Lansweeper Sites includes the following roles:

  • Administrator: All permissions are granted, except for those that are only granted to site owners, such as managing site settings and deleting a site.
  • Analyze data: Permissions allow the user to view all the data available from a Lansweeper Site, create reports, and create dashboards without configuring asset information or details.
  • Application admin: Permissions allow the user to access API and applications for your Lansweeper Site.
  • Manage assets: Permissions allow the user to manage and configure assets, but not configure the site itself.
  • View data: Permissions allow users to view data in Lansweeper Sites, with no configuration options.

All of the default roles can be edited as needed. You can view your roles by going to Configuration > Account management > Roles & permissions.

Create a new role

  1. Go to Configuration > Account management > Roles and permissions > Add new role.
  2. Name your role and select Create role.
  3. From the list of options, select which permissions you want to grant for the role.

Add a scope to a role

When you create a new role or edit an existing role, you can add scopes to that role.

  1. From the role’s configuration page, select Scope.
  2. In the Installation section, select which installation you want to apply the role for.
  3. Under Asset scopes, select the asset scope that you previously configured from the list.
  4. Select the Save role icon.

Add a role to a user

For scopes and permissions to apply to a user, you must assign that user with an appropriate role.

When you invite a new user, you can add the role to the user when you invite them to your site.

You can also add a role to an existing user or account group.

  1. Go to Configuration > Account management > All accounts or Account groups.
  2. Select the account group or account of your choice.
  3. Navigate to the Available roles section and select the role from the list.
  4. Select Save and exit.

Priority

If multiple roles are applied to a user, various potentially conflicting permissions and scopes might be granted to the user.

In that case, the permissions from each role are combined. This means that the user has access to all the features that the permissions defined in both roles grant access to.

However, if the scopes from multiple roles are combined, then the most restrictive combination of the scope is applied to that user.

For example, imagine a user has the following roles applied:

Role 1:

  • Permission: Can only view assets
  • Scope: Access to all asset types on Installation 1

Role 2:

  • Permissions: Can view assets and edit assets
  • Scope: Access to only servers on Installation 2

In this case, because the permissions are combined, the user will be able to view and edit the assets that are available to them. However, because of the applied scopes, the user will only have access to servers on Installation 1 and 2.


Was this post helpful? Select Yes or No below!
Did you have a similar issue and a different solution? Or did you not find the information you needed? Create a post in our Community Forum for your fellow IT Heroes!
More questions? Browse our Quick Tech Solutions.


Was this article helpful? Yes No
50% helpful (1/2)

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now
Version history
Last update:
‎08-28-2023 04:55 PM
Updated by: