Admin Management
Summary
INKY’s Admin List feature allows for easy admin management for your INKY team. As a Super Administrator, it allows for complete control and oversight of all of your INKY team admins.
Roles and Permissions
Role | Application | Description |
---|---|---|
Viewer | Read-only | Entirely read-only that view all policy settings, but does not have the ability to alter anything. |
Analyst | Basic access | Has read access, and can perform basic actions like add/remove to Allowlist or Blocklist. |
Policy Admin | Policy access | Can modify all policy settings and perform remediation tasks. |
Super Admin | Full access | Can modify all policy settings, perform remediation tasks, manage all admins, and see the Admin List functionality within INKY. |
*Only Super Admins will have visibility and use of this function. In order to request to have your admin account elevated, please reach out to support@inky.com.
Add Admin by Email Address
If you have a Microsoft or Google account the process for adding a user via email is straightforward.
Login in as an account with Super Admin rights
Navigate to Settings then Admin List, Select “Add New Admin”, enter the email address of the user you want to add, select the role for that user and click add.
The email address can be from any domain.
Once permission is granted inform the user that they'll be able to login
Add Admin by Active Directory Groups
Using the Domain and Directory API access INKY can pull directory groups from M365 and Google Workspace and you can assign appropriate roles to their members. Follow the steps below to get started.
Detailed Steps
Enabled Domain and Directory Access API Access - INKY
Select “Admins by Active Directory groups” Admin Management - INKY
Add New Group
Select the appropriate group from the “Tenant Group” dropdown
Assign the appropriate role for members of that group
If a user is a member of multiple groups that have different roles, then that user will gain the privileges at the highest-level group they are a member.
You can also assign groups to an organization level. Organizations are denoted with the “Skyscraper” icon, options listed when you have an organization selected affect all of the child teams - including which users can manage a child team. Groups pulled at an organization level come from the base team that’s created to build an organization.
For example: polvocapital-o365
is the base teamid used for INKY’s honeypot account. In the picture above there is no “Skyscraper” icon next to “Polvo Capital” in the top left corner of the picture - this means we’re looking at the base team.
In the picture below you’ll see fewer settings options and the “Skyscraper” icon next to “Polvo Capital” - these means we’re looking at the organization level. The groups in the Tenant Group dropdown are the same as the base team because the organization inherits them. This allows MSPs (organizations) the ability to assign groups to specific INKY roles, giving members access at the appropriate level to all child teams.
If you don't have a Microsoft or Google account please open a ticket with support@inky.com for assistance.