Domain Admin Rights
Pyramid supports two Admin types: Enterprise Admins and Domain Admins. While Enterprise Admins have complete access to the entire system and its settings, Domain Admins are granted access to specific parts of the system. In a multitenant environment, Domain Admins are limited to actions WITHIN the tenancy they belong to, while Enterprise Admins can work across tenants.
The Admin type is set from the User page in the Admin Console, or from Auto Provisioning Jobs. You can assign one or more Admin Rights to each Domain Admin to govern which parts of the Admin Console they will have access to.
Grant Domain Admin Rights
When defining a user as a Domain Admin, you will need to set the Admin Rights for that user:
- Access: grants the Domain Admin access to Users, Roles, Profiles, and User Defaults.
- Data: grants the Domain Admin access to Data Source, Source Manager, and Pulse Node.
- Content: grants the Domain Admin access to Webhooks.
- Schedules: grants the Domain Admin access to Task Manager, Publications, Alerts, Subscriptions, and Models.
- Logs: grants the Domain Admin access to Entries and Transactions.
- Mobile: grants the Domain Admin access to Devices.
- Design: grants the Domain Admin access to Themes, Custom Fonts, Email Templates, and Hub Templates.
- Geospatial: grants the Domain Admin access to Custom Maps.
- AI, DS and ML: grants the Domain Admin access to ML Environments.
Provisioning
Provisioning synchronizes Pyramid users with Active Directory users. If you have provisioning set up, you can assign Domain Admin rights from the Auto Provisioning Jobs list under Schedules.