Kaseya Community

User Roles Question

  • I'm trying to set up/separate the techs in our company and their access to VSA.  So I looked at the documentation and it's not matching up to what I'm seeing in SaaS.  So I'm hoping someone can shed a little light on what I'm looking at so I can do this properly.

    First up the Role Types defined in our License Manager.  What is the difference between Kaseya Advanced and kaseya Essentials?  I'm going to venture that the Advanced can have much higher levels of access considering we're only currently paying for 6 (small IT department of about 10 total right now)  while essentials covers over 600 licenses.

    Then there's the User Roles as defined under User Security.  Again the documentation doesn't quite line up.  The roles in System > User Security  > User Roles are: KB Admin, SD Admin, ServiceDesk, System.  The documentation lists VSA Admin, End Users, Service Desk Technician and Service Desk Admin.  I'm assuming VSA Admin is System, but with no descriptions in VSA it's hard to figure out what's what.

    At the end of the day I'm trying to figure out where to put some users so I can limit access.  Our 1L Help Desk only needs to be able to run some of the Procedures we've written and view the Agents for details.  Some of the techs I need to limit what Procedures they have access to since a few require license subscriptions and some I want to be able to give them the ability to start writing procedures so I'm not doing all of the work.  I figure I'm going to have to create some Roles but of course that means I need to understand what rights each gets.

  • Trevor,

    If you have (or create) a login account to our website, in the Downloads/Documents section there is a document titled "Tech Brief - VSA Security Roles". You might find this helpful in assigning rights to Roles, and Roles to Users. The first part explains the roles we create and their purpose while the second part shows the rights assigned to these roles. Most of our MSP clients adapt this method to create role-based access controls in their VSA.

    Sadly, we've seen several different User Types between the different SAAS platforms. When VSA Admin is available, we use that for technicians. This is not the System role - types and roles are different. Unless you're actually using Service Desk, you can ignore the SD types. Even our "Private SAAS" platform that we host has different types than our TAP instance and regular SAAS instances.