Managing Administrative Roles
Vaultastic uses role-based administration to manage domains, vaults, and system configuration.
Administrative privileges are assigned to Vault IDs. Every administrator must have a Vault ID with either Self Service or Full Access to the Active Store.
Each Vaultastic domain includes a default administrative vault called postmaster.
Default Administrative Vault (postmaster)
The postmaster vault is created during domain provisioning and serves as the primary administrative account.
The postmaster vault:
- Has the Senior Admin role
- Has Full Access to all Active Store content
- Can access the Admin Panel
- Is used to configure the system and create additional administrators
Using the postmaster login, administrators can:
- Create vaults for users
- Assign access permissions
- Grant administrative roles to other users
Important:
The postmaster account should be secured and used only for administrative tasks.
Default Administrative Roles
Vaultastic provides two predefined administrative roles.
| Role | Default Vault ID | Description |
|---|---|---|
| Senior Admin | org_<orgname>_admin | Full administrative access |
| Junior Admin | org_<orgname>_jradmin | Limited administrative access |
orgnamecorresponds to the registered organization email ID.- These roles are automatically created when the first Vaultastic domain is provisioned.
Senior Admin
Senior administrators have full control of the Vaultastic environment.
They can:
Access the Admin Panel
Configure domain properties
Create and delete vaults
Assign vault access permissions
Reset vault passwords
Assign administrative roles
Configure vault visibility in eDiscovery
Download or delete files from the Open Store and Deep Store.
Junior Admin
Junior administrators have restricted administrative privileges.
They can:
Access the Admin Panel
Create and manage vaults
View vault configurations
Download files from Open Store and Deep Store
They cannot:
Delete vaults
Reset vault passwords
Assign administrative roles
Change vault viewing permissions
Delete data from Open or Deep Stores
Custom Administrative Roles
Vaultastic includes Senior Admin and Junior Admin roles by default.
For additional or customized administrative roles:
- Contact Mithi Customer Care
- Provide required permissions and use-case details
Custom roles are created and assigned by the Vaultastic support team.
Assigning an Administrative Role
To assign an administrative role to a user:
Log in to the Admin Panel using a Senior Admin account (typically the
postmastervault).Select the Vaultastic domain.
Navigate to Vaults.
Select the vault corresponding to the user.
In the right panel, expand User Access.
Select the required administrative role.
Click Save.
The selected user will now have the assigned administrative privileges.
Prerequisites
Before assigning administrative roles:
- The user must have an active Vault ID
- The vault must exist in the selected domain
- The administrator performing the action must have Senior Admin privileges
Role Assignment Considerations
- Assign Senior Admin only to trusted users with full system responsibility
- Use Junior Admin for operational tasks with a limited scope
- Avoid assigning administrative roles to shared or generic vaults
Verification of Role Assignment
After assigning a role:
- Confirm the role is visible in the User Access panel
- Ask the user to log out and log back in
- Verify access to the Admin Panel and permitted actions
Revoking Administrative Roles
To remove administrative privileges:
- Log in to the Admin Panel as a Senior Admin
- Navigate to Vaults
- Select the user vault
- Expand User Access
- Change the role to a non-administrative role or remove elevated access
- Click Save
Changes take effect immediately.
Security and Access Control Guidelines
- Limit the number of Senior Admin accounts
- Regularly review administrative role assignments
- Ensure postmaster credentials are securely stored
- Use audit logs to track administrative actions
Troubleshooting
| Issue | Resolution |
|---|---|
| The user cannot see the Admin Panel | Verify role assignment and login session refresh |
| Role not applied after saving | Re-check permissions and reassign the role |
| Unauthorized access | Review role assignments and audit logs immediately |
Audit and Logging
All administrative actions (role assignment, vault changes, access updates) are logged in the system audit trail.
Refer to the Audit Trails section for:
- Viewing logs
- Exporting logs
- Monitoring admin activities