| Configure BEMS to have at least one user in the following Administrator roles: Server primary administrator, auditor. |
1. In the BEMS Dashboard, under "BEMS System Settings", click "BEMS Configuration".
2. Click "Dashboard Administrators".
3. Click "Add Group".
4. In the "Active Directory Security Group" field, type the name of the Microsoft Active Directory security group.
5. Click "Save".
6. Repeat steps 3 to 5 to add additional security groups.
7. For the server primary administrator, the default role of Admin meets the required roles and no additional configuration is needed.
8. For the Auditor role, complete the following steps:
- In active directory, create a domain auditor group and assign personnel designated as auditors to that group.
- Browse to the log repository.
- Right-click on the folder.
- Select "Properties".
- Select the "Security" tab.
- Click "Edit".
- Click "Add".
- Type in name of the user group.
- Confirm that only the necessary groups have rights to the folder (CREATOR OWNER, SYSTEM, Administrators, Auditors).
- Set proper permissions for auditors (Read, List folder contents, Read & Execute).