Admin Management

Owned by Matthew Sywulak
Last updated: Jan 17, 2024 by Matthew Sywulak
3 min read

Summary

INKY’s Admin List feature allows for easy admin management for your INKY team. As a Super Administrator, it allows for complete control and oversight of all of your INKY team admins.

Roles and Permissions

Role

Application

Description

Role

Application

Description

Viewer

Read-only

Entirely read-only that view all policy settings, but does not have the ability to alter anything.

Analyst

Basic access

Has read access, and can perform basic actions like add/remove to Allowlist or Blocklist.

Policy Admin

Policy access

Can modify all policy settings and perform remediation tasks.

Super Admin

Full access

Can modify all policy settings, perform remediation tasks, manage all admins, and see the Admin List functionality within INKY.

*Only Super Admins will have visibility and use of this function. In order to request to have your admin account elevated, please reach out to support@inky.com.

Add Admin by Email Address

If you have a Microsoft or Google account the process for adding a user via email is straightforward.

  1. Login in as an account with Super Admin rights

  2. Navigate to Settings then Admin List, Select “Add New Admin”, enter the email address of the user you want to add, select the role for that user and click add.

    1. The email address can be from any domain.

    2. Once permission is granted inform the user that they'll be able to login

 

 

Add Admin by Active Directory Groups

Using the Domain and Directory API access INKY can pull directory groups from M365 and Google Workspace and you can assign appropriate roles to their members. Follow the steps below to get started.

image-20240117-164125.png

Detailed Steps

  1. Enabled Domain and Directory Access API Access - INKY

  2. Select “Admins by Active Directory groups” Admin Management - INKY

  3. Add New Group

    1. Select the appropriate group from the “Tenant Group” dropdown

    2. Assign the appropriate role for members of that group

If a user is a member of multiple groups that have different roles, then that user will gain the privileges at the highest-level group they are a member.

You can also assign groups to an organization level. Organizations are denoted with the “Skyscraper” icon, options listed when you have an organization selected affect all of the child teams - including which users can manage a child team. Groups pulled at an organization level come from the base team that’s created to build an organization.

For example: polvocapital-o365 is the base teamid used for INKY’s honeypot account. In the picture above there is no “Skyscraper” icon next to “Polvo Capital” in the top left corner of the picture - this means we’re looking at the base team.

In the picture below you’ll see fewer settings options and the “Skyscraper” icon next to “Polvo Capital” - these means we’re looking at the organization level. The groups in the Tenant Group dropdown are the same as the base team because the organization inherits them. This allows MSPs (organizations) the ability to assign groups to specific INKY roles, giving members access at the appropriate level to all child teams.

If you don't have a Microsoft or Google account please open a ticket with support@inky.com for assistance.