Documentation

Secure users

Suggest Edits

What are secure users?

In EPM Cloud for Linux, a secure user is a name with an associated credential, used to sign into one or more endpoints.

What is the $submituser$ account?

The $submituser$ is a special user account created to accommodate scenarios where you want to run PB shell programs that initialize using submituser.

Assigning $submituser$ as the run user for a role ensures the requested command runs as the submit user without specifying the request user (pbrun -u).

Add a new secure user

  1. Click > Endpoint Privilege Management for Linux > Policy.
    The Role Based Policy page displays.
  2. Click the Who tile.
    The Users page displays with a list of users.
  3. Click Add User/Group > Secure User.
    The Secure User panel slides out on the right.
  4. Click the Enable user toggle.
  5. Enter a user name and description.
  6. Click Save Changes.
    A confirmation message displays and the user is added to the list.

Edit a user name and description

  1. Click > Endpoint Privilege Management for Linux > Policy.
    The Role Based Policy page displays.
  2. Click the Who tile.
    The Users page displays with a list of users and groups.
  3. Locate the user you want to modify in the list.
  4. Click the user name you want to modify.
    The Secure User panel slides out on the right.
  5. Edit the user name and/or description.
  6. Click Save Changes.
    A confirmation message displays and the user is updated.

Edit a user's details

You can update user account information such as the name, description, and email address.

  1. Click > Endpoint Privilege Management for Linux > Console Access.
    The Console Access page displays.
  2. Locate the user you want to update.
  3. Click the user's Edit icon.
    The User Details page displays.
  4. Edit the first name, last name, description, and/or email address.
  5. Click Save User.
    The updates save to the user's account.

Assign a role to a secure user

  1. Click > Endpoint Privilege Management for Linux > Console Access.
    The Console Access page displays.
  2. Locate the user to whom you want to assign a role.
  3. Click the user's Edit icon.
    The User Details page displays.
  4. In the left menu, click Roles.
  5. Select the role(s) you want to assign.
    The selected role(s) automatically assign(s) to the user, and a success message displays.

Assign multiple secure users to a role

  1. Click > Endpoint Privilege Management for Linux > Roles.
    The Roles by user page displays.
  2. In the left Roles panel, click the role to which you want to add multiple users.
    The role page displays a list of all users, regardless of role assigned.
  3. Click Users without this role.
    The list refines and displays only those users without the role assigned.
  4. Select all users to whom you want to assign the role.
  5. Click Add selected users.
    Users are assigned to the role immediately, and a confirmation message displays.

Remove a role assignment from a secure user

  1. Click > Endpoint Privilege Management for Linux > Console Access.
    The Console Access page displays.
  2. Locate the user to whom you want to remove a role assignment.
  3. Click the user's Edit icon.
    The User Details page displays.
  4. In the left menu, click Roles.
  5. Deselect the role(s) you want removed from the user.
    The selected role(s) automatically unassign from the user, and a success message displays.

Unassign multiple secure users from a role

  1. Click > Endpoint Privilege Management for Linux > Roles.
    The Roles by user page displays.
  2. In the left Roles panel, click the role to which you want to remove multiple users.
    The role page displays a list of all users, regardless of role assigned.
  3. Click Users with this role.
    The list refines and displays only those users with the role assigned.
  4. Select all users to whom you want to unassign from the role.
  5. Click Remove selected users.
    Users are unassigned from the role immediately, and a confirmation message displays.

View all secure users assigned to a role

  1. Click > Endpoint Privilege Management for Linux > Roles.
    The Roles by user page displays.
  2. In the left Roles panel, click the role you want to view.
    The role page displays a list of all users, regardless of role assigned.
  3. Click Users with this role.
    The list refines and displays only those users with the role assigned.

View all secure users not assigned to a role

  1. Click > Endpoint Privilege Management for Linux > Roles.
    The Roles by user page displays.
  2. In the left Roles panel, click the role you want to view.
    The role page displays a list of all users, regardless of role assigned.
  3. Click Users without this role.
    The list refines and displays only those users without the role assigned.

Add a secure user to a group

  1. Click > Endpoint Privilege Management for Linux > Policy.
    The Role Based Policy page displays.
  2. Click the Who tile.
    The Users page displays with a list of users and groups.
  3. Locate the group you want to modify in the list.
  4. Click the group name.
    The Secure Group panel slides out on the right.
  5. At the bottom of the list, in the blank Username field, enter the user name of the user you want to add to the group.
  6. Click Save Changes.
    A confirmation message displays and the group updates with the user added.

Remove a secure user from a group

  1. Click > Endpoint Privilege Management for Linux > Policy.
    The Role Based Policy page displays.
  2. Click the Who tile.
    The Users page displays with a list of users and groups.
  3. Locate the group you want to modify in the list.
  4. Click the group name.
    The Secure Group panel slides out on the right.
  5. Locate the user name in the list.
  6. Click the Delete icon next to the Username field.
  7. Repeat for any additional users you want to remove from the group.
  8. Click Save Changes.
    A confirmation message displays and the group updates with the users removed.

Delete a secure user

❗️

WARNING

Deleting a user is an unrecoverable operation.

  1. Click > Endpoint Privilege Management for Linux > Policy.
    The Role Based Policy page displays.
  2. Click the Who tile.
    The Users page displays with a list of users.
  3. Locate the user you want to delete.
  4. Click the user name.
    The Secure user panel slides out on the right.
  5. Click Delete User.
    A confirmation message displays.
  6. Click OK.
    The user is deleted and the list updates.

Updated 14 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.