Video Screencast Help

Levels of Access for Console

Created: 05 Jun 2009 • Updated: 22 May 2010 | 8 comments
This issue has been solved. See solution.


I was wondering how to set different levels of console user rights and levels of access for Symantec Enpoint Protection 11

Thank you

Comments 8 CommentsJump to latest comment

Thomas K's picture

Go to Admin tab. Click limited Administrator.

imagebrowser image

imagebrowser image

Nel Ramos's picture

You Have the Limited and the Full admin accounts...
just an added tip.. eventhough you have 2 options but you could vary on what they could only access...
If they just need reports then give them access to report viewing.. you may also give them variable reporting rights... so many combinations could you make...


Nel Ramos

Sheila Marie's picture

Is there a limit to the number of users in SEPM?

Sheila Marie's picture

Is there a limit to the number of users in SEPM?

sandeep_sali's picture


       There is no limit as such for the number of users in SEPM. However what matters here is the type of database that you use. For more number of users i.e. in thousands a SQL database is recommended for a few number the embedded database should be fine.

Thanks & Regards

Sandeep C Sali

Nel Ramos's picture

Please be sure that if you would be using the AD account we dont need to put passwords on the initial page so that you would not have issues in logging the new account...

Just go to the Symantec Management Server Authentication and place the domain + AD user account and it will inherit the AD accounts password too...


Nel Ramos

Ajit Jha's picture



User name
The name with which the administrator logs in and by which the administrator is known within the application.

Full name
The full name of the administrator to be added. This field is optional and is for informational purposes only.

Password and Confirm password
The password the administrator must enter when the administrator logs into the management server. The password must be six or more characters. All characters are permitted.

Authentication type
The authentication software that is used to authenticate the administrator. To change the type, click Change.

You can select from the following authentication types:

Symantec Enterprise Protection Authentication


Directory Authentication

Administrator type
The level of access rights that you want the administrator to have.

You can select from one of the following administrators types:

System administrator

Administrators with full access rights for all domains.


Administrators with full access rights for a single domain. The only restriction you can configure for this type of administrator is for viewing reports for computers that run Symantec AntiVirus 10.x and earlier.

Limited administrator

Administrators with configurable rights for the selected groups within a single domain. When you add a limited administrator, you can also define the following rights: reporting rights, group rights, command rights, and policy rights.

Limited Administrator Access Rights
The specific access rights that you want the limited administrator to have.

You can configure the following types of rights:

Reporting Rights

Limits the reports that the administrator can view to the computers that you specify.

Group Rights

The groups that the administrator can manage. Administrators can have view and manage the groups (full access, view groups (read-only access), or view nor manage any groups (no access).

Command Rights

The commands that the administrator can run from the console on clients or groups. For example, the administrator can run the Enable Auto-Protect command on a group, but not the Enable Network Threat Protection command. Only available if View reports or Manage groups is selected.

Policy Rights

The policies that the administrator can manage.


Ajit Jha

Technical Consultant


Paul Murgatroyd's picture

As Sandip says, there is no known limit to the number of administrator accounts you can have in SEPM.  I am aware of customers with several hundred admin accounts, although it is rare.

How many accounts were you looking to create, and more importantly - why?

The more pertinent question is really how many of these admins will be logged on at the same time? 

Paul Murgatroyd
Principal Product Manager, Symantec Endpoint Protection
Endpoint twitter feed: