Adding a User Account

Procedure

1. Go to Administration → Account Management → User Accounts.
   The User Accounts screen appears.
2. Click Add.
   The User Accounts > Step 1: User Information screen appears.
3. Select Enable this account to enable the account upon creation.

   Note Trend Micro Apex Central as a Service cannot disable accounts for Active Directory users or groups. To disable an Active Directory account, you must disable the account from the Active Directory server. For more information, contact your Active Directory administrator.

4. Select the account type.
   • To create a new Trend Micro Apex Central as a Service user account:
     1. Select Custom account.
     2. Configure the following required account information:

        Information	Description
        User name	Type the account name that the user provides to log on to the Trend Micro Apex Central web console.
        Full name	Type the full name of the user.
        Password	Type the password that the user provides to log on to the Trend Micro Apex Central web console. Note Users can change their passwords on the My Account screen. For more information, see Viewing or Editing User Account Information.
        Confirm password	Type the same password provided in the Password field.
        Email address	Type the email address to which the user has notifications delivered. Note This field is required for Trend Micro Apex Central to send reports and event notifications by email or when Two-Factor Authentication is enabled.

   • To import users or groups from an integrated Active Directory structure:
     1. Select Active Directory user or group.
     2. Search for Active Directory users or groups using the following:
        • User/Group name

          Note This field is required. You can use an asterisk wildcard (*) to search using partial string matching. For example, typing tom* searches for all users or groups with names that start with tom.

        • Base distinguished name
     3. Click Search.
        Active Directory accounts that match the specified criteria appear in the Search result list.
     4. Select Active Directory users or groups from the Search result list and click >.
        The selected Active Directory users or groups appear in the Selected users/groups list.

     Important Trend Micro Apex Central as a Service requires you to manually synchronize Active Directory data before imported users or groups can log on to Trend Micro Apex Central as a Service using their Active Directory domain credentials. For more information, see Configuring Active Directory Synchronization. You do not need to manually synchronize Active Directory data from an Active Directory structure migrated from a previous version of Control Manager. Users and groups from the migrated Active Directory structure can log on to Trend Micro Apex Central as a Service as soon as the migration completes.

5. Click Next.
   The User Accounts > Step 2: Access Control screen appears.
6. Select a user role from the Select role drop-down.

   Note The access rights defined for a user role take precedence over the managed product/folder access rights that you configure for individual user accounts. The DLP Compliance Officer and DLP Incident Reviewer roles are only available to Active Directory users or groups. For more information, see User Roles.

7. In the Select accessible products/folders tree, select the products or folders that the user can access in the Product Directory structure.

   Note You can restrict a user to a single managed product or allow access to the entire Product Directory. Assigning access to a folder allows users to access all of the sub-folders and managed products. For more information, see Managed Product Access Control.

8. Specify the managed product/folder access rights for the user account.

   Note Access rights determine the actions that the user account can perform on managed products. Privileges granted to an account cannot exceed those of the grantor. For more information, see Managed Product Access Control.

9. Click Finish.
   The new user account appears on the User Accounts screen.