Application Delivery Management

Configure access policies

October 14, 2020

Contributed by:

S L

Access policies define permissions. A policy can be applied to a single user or group, or to multiple users and multiple groups. Citrix Application Delivery Management (ADM) provides four predefined access policies:

adminpolicy. Grants access all Citrix ADM features. The user has both view and edit permissions, can view all Citrix ADM content, and can perform all edit operations. That is, the user can perform add, modify, and delete operations on the resources.
readonlypolicy. Grants read-only permissions. The user can view all content on Citrix ADM, but is not authorized to perform any operations.
appAdminPolicy. Grants administrative permissions for accessing the application features in Citrix ADM. A user bound to this policy can add, modify, and delete custom applications, and can enable or disable the services, service groups, and the various virtual servers, such as content switching, cache redirection, and HAProxy virtual servers.
appReadOnlyPolicy. Grants read-only permission for application features. A user bound to this policy can view the applications, but cannot perform any add, modify, or delete, enable, or disable operations.

Note The predefined policies cannot be edited.

You can also create your own (user-defined) policies.

To create user-define access policies:

In Citrix ADM, navigate to System > User Administration > Access Policies.
Click Add.
In the Policy Name field, enter the name of the policy, and enter the description in the Policy Description field.
The Permissions section lists of all Citrix ADM features, with options for specifying read-only or edit access. Click the (+) icon to expand each feature group into multiple features. You must select the check box next to the feature name to give the users either the View or Edit Permissions. The Edit option includes permission to view. Select View for read-only, or Edit for full access.

Note Expand Load Balancing and GSLB to view more configuration options.

Note Selecting Edit might internally assign dependent permissions that are not shown as enabled in the Permissions section. For example, when you enable edit permissions for fault management, Citrix ADM internally provides permission for configuring a mail profile or for creating SMTP server setups, so that the user can send the report as a mail.

Example:

David is the administrator for SSL certificate management/security in Citrix ADM. In the policy assigned to David, the administrator selects the following check boxes in the Permissions section:
- Networks > Configuration > Edit
- Networks > Certificate Management > Edit
- System > SSL Settings > Edit
- System > System Configuration > Edit
Click Create.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Configure access policies

October 14, 2020

Contributed by:

S L

October 14, 2020

Contributed by:

S L

Configure access policies

In this article