NetID Administrator Roles and Permissions

Modified on: Wed, Oct 16 2024 2:45 PM

Description:

NetID administrators are CSU faculty and staff whose job duties require them to support CSU faculty, staff and students in using the NetID website, including to activate their NetID, change or recover their NetID password, change their email alias, and view their NetID information.

Applicable to:

Fort Collins and Pueblo staff who are NetID administrators

Prerequisites

NetID administrators must be staff members.
Student hourly employees working for IT departments and other temporary employees may only have read only NetID admin access.
All NetID administrators must read, regularly review, and comply with the NetID Administration Acceptable Use statement.

NetID Administrator Actions, Roles and Permissions

Read Only Admins can search and view person information, lists of admins and service accounts, logs, and reports, but they cannot make any changes.
Activation Email Admins can also add and remove NetID activation email addresses.
Help Desk Admins can also add and remove NetID password recovery email addresses and reconcile accounts. This is usually the appropriate role for Human Resources staff.
Partial Admins can also update email aliases, reset NetID passwords, and manually disable accounts. This role is more limited and generally reserved for supervisors.
Full Admins can also extend, reactivate and deactivate NetIDs, and add and remove administrators, service accounts, and admin and service account requesters.
This role is limited to Identity and Access Management staff.
The table below has a complete list of authorized actions for each admin role.

Permitted Actions	Menu	Admin Roles
Permitted Actions	Menu	Full	Partial	Help Desk	Read Only	Activation Email	Bulk Activate	Admin Requester	Service Account Requester
Person Search, Advanced Search, MidPoint Search	Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
View NetID Administrators	Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
Request NetID Administrator Privileges	Admin	Yes	No	No	No	No	No	Yes	No
Add/Remove NetID Administrators	Admin	Yes	No	No	No	No	No	No	No
Search/List NetID Service Accounts	Admin	Yes	Yes	Yes	Yes	Yes	No	No	Yes
Request NetID Service Accounts	Admin	Yes	No	No	No	No	No	No	Yes
Add/Remove NetID Service Accounts	Admin	Yes	No	No	No	No	No	No	No
View System Status	Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
Bulk Activate Extended Studies Students	Admin	Yes	No	No	No	No	Yes	No	No
Bulk Password Reset	Admin	Yes	Yes	No	No	No	No	No	No
View Usage Statistics and User Statistics	Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
View Logs	Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
Agree to NetID Admin Acceptable Use Statement	Admin	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes

View Person Info	Person Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
View Preferred First Name	Person Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
Update Preferred First Name	Person Admin	Yes	No	No	No	No	No	No	No
View Email Alias	Person Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
Update Email Alias	Person Admin	Yes	Yes	No	No	No	No	No	No
Add, Remove Activation Emails	Person Admin	Yes	Yes	Yes	No	Yes	No	No	No
Add, Remove Recovery Emails	Person Admin	Yes	Yes	Yes	No	No	No	No	No
View Duo Devices	Person Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
View Directory Display	Person Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
View Service Accounts	Person Admin	Yes	Yes	Yes	Yes	Yes	No	No	Yes
Reconcile Account	Person Admin	Yes	Yes	Yes	No	No	No	No	No
Reset Password	Person Admin	Yes	Yes	No	No	No	No	No	No
Disable Account	Person Admin	Yes	Yes	No	No	No	No	No	No
Extend Expiration, Reactivate, Deactivate Account	Person Admin	Yes	No	No	No	No	No	No	No
View MidPoint, LDAP, AD, M365 Accounts	Person Admin	Yes	Yes	Yes	Yes	Yes	No	No	No
View Logs	Person Admin	Yes	Yes	Yes	Yes	Yes	No	No	No

How to view NetID administrators and their roles

NetID administrators and their roles are visible to other NetID administrators.

When logged in to the NetID website, your own NetID admin role is shown near the top of each page after your name, email, CSU ID and NetID.
To view any NetID administrator roles for another person,
1. Select Menu > Admin > Person Search.
2. Search for a person by name, email, CSU ID, or NetID, and click their name to view their information.
3. Scroll down to the Affiliations section and look for NetID Admin Roles.
To view a list of all NetID administrators and their roles,
1. Select Menu > Admin > NetID Administrators.
2. Search by Admin or Requester NetID, or filter by department name or code, campus, and/or admin role.
3. Click Search.
4. You can use the Further results box to further refine your search, if needed.

Colorado State University