Application Roles

The following table provides an overview of Verify Privilege Manager Application Roles.

In general, the Verify Privilege ManagerUser role can view reports, but access may be dependent on each report and the viewing rights assigned to the user's account.

Role	Summary	CRUD Users/Groups	View Reports	Run Tasks	Approve Approval Requests	Disclose Passwords	Modify  Config, View Install Codes	Modify Policies, Filters, and LSS	View All Items	Upload Files	Create or Revoke Install Codes
Verify Privilege Manager Administrators	Can do anything.	yes	yes	yes	yes	yes	yes	yes	yes	yes	yes
Verify Privilege Manager Field Engineering	Cannot do anything out of the box. Reserved for future use.
Verify Privilege Manager Helpdesk Users	This role has the least permissions. It can disclose passwords and manage approvals only.				yes	yes
Verify Privilege Manager macOS Administrators	Can do anything an administrator can, but only for macOS policies and resource targets.	yes (macOS)	yes	yes	yes	yes	yes	yes (macOS)	yes	yes	yes
Verify Privilege Manager Unix/Linux Administrators	Can do anything an administrator can, but only for Unix/Linux policies and resource targets.	yes (Unix/Linux)	yes	yes	yes	yes	yes	yes (Unix/Linux)	yes	yes	yes
Verify Privilege Manager Users	This is a read only role that can view all items, disclose passwords, and manage approvals.		yes		yes	yes			yes
Verify Privilege Manager View Password Role	Can only view current passwords and password change histories of managed users					yes
Verify Privilege Manager Windows Administrators	Can do anything an administrator can, but only for Windows policies and resource targets.	yes (Win)	yes	yes	yes	yes	yes	yes (Win)	yes	yes	yes