The Users section lets you create accounts for teammates, assign a role (permission set), and optionally restrict what servers they can access. You can also create custom roles tailored to your operations.

Who can view or change this

• View users page: view_users_page
• Create user: create_additional_users
• Edit user: edit_users
• Delete user: delete_users
• Create role: create_user_role (and edit_user_roles, delete_user_roles on the role page)

Users vs Roles (quick map)

• A user = login identity (username + email) with optional 2FA, enabled/disabled status, and optional scope to specific servers/storages.
• A role = set of permissions (checkboxes) that enables pages and actions (e.g., view schedules, run/stop jobs, DR restore).

Creating a user

1) Click Create user to open the modal.
2) Fill Username, Email, select a User role.
3) (Optional) Limit access to specific Production servers and/or Storage servers. If you leave lists empty, the user can see all.
4) (Optional) Add Full name and Company for clarity.
5) Submit — a random password is generated and displayed once; share it securely with the user.

Managing roles (permissions)

• Click Create user role to open the permissions matrix. Check the pages/actions that role should allow (e.g., view_schedules_page, run_schedule, restore_disaster_recovery).
• Save to add the role; it appears under Current user roles and can be edited later.
• Safety rails: roles in use cannot be deleted; the first built-in admin role is protected.

Editing a user

• Open the user’s Edit page to change name, company, email, username, role, and server/storage scope.
• Disable 2FA appears if the user had 2FA enabled (use sparingly).
• Disable user turns off access without deleting the account.
• Reset password sets a new random password (shown once after save).
• The first admin user has safeguards: their role cannot be changed here, and the account cannot be disabled from this form.

Deleting a user

• Use the row menu → Delete (requires delete_users).
• You cannot delete your own account, and the first created admin user is protected from deletion.

Scopes & visibility

• If a user’s role allows a page but their server/storage scope is restricted, lists, trees, logs, and charts are filtered to only those resources.
• This scoping also applies to Monitor and Backup Logs.

Good practices

• Create separate roles for day-to-day operators vs. administrators; grant only what’s needed.
• Use server/storage scoping to partition access between teams or clients.
• Encourage users to set up 2FA (can be managed from their profile). Email notifications are per-user and configured on the user’s own profile page.

Troubleshooting

• A user can’t see servers or logs → role is missing the page permission, or their scope excludes those servers.
• “Create user” button is gray → your role lacks create_additional_users.
• Can’t delete a role → it’s assigned to users or is the first admin role.
• Can’t delete a user → first user is protected, or you’re trying to delete your own account.