Manage User Accounts

For more information about user accounts, see User Accounts.

View User Account Details

Required Tenable Security Center User Role: Administrator or organizational user with appropriate permissions. For more information, see User Roles.

To view the details of any user account:

  1. Log in to Tenable Security Center Director via the user interface.

  2. Click System > Users (administrator users) or Users > Users (organizational users).

    The Users page appears.

  3. Right-click the row for the user you want to view.

    The actions menu appears.

    -or-

    Select the check box for the user you want to view.

    The available actions appear at the top of the table.

  4. Click View.

    The View User page appears.

  5. View the following information for the user:

    Section Action

    General

    View general information for the user.

    • Created — The date the user was created.

    • Last Modified — The date the user was last modified.

    • ID — The user ID.

    Membership

    View role and organization information for the user. For more information, see User Account Options.

    Password Expiration

    View password expiration settings for the user. For more information, see User Account Options.

    Display Options

    View dark mode settings for the user. For more information, see User Account Options.

    Contact Information

    View contact information for the user. For more information, see User Account Options.

    API Key

    If the user has API keys, view the access key for the user. For more information, see Enable API Key Authentication.

    Linked User Details

    Required Tenable Security Center User Role: Administrator

    View linked user accounts associated with the user:

    • Linked Users — If the user is an Administrator, view the linked Security Manager users. If the user is a Security Manager, view the linked SM-Linked users.

    • Primary User — If the user is a linked Security Manager, view the associated Administrator user. If the user is an SM-Linked user, view the associated Security Manager user.

    For more information, see Linked User Accounts.

Filter the Users Page

Required Tenable Security Center User Role: Any

To filter the user accounts on the Users page:

  1. Log in to Tenable Security Center Director via the user interface.

  2. Click System > Users (administrator users) or Users > Users (organizational users).

    The Users page appears.

  3. To filter the users that appear on the page, apply a filter as described in Apply a Filter.

    Note: If you are logged in with an administrator account, the Organization filter is set to System by default. To view users from other organizations, select a different organization for the Organization filter.

Edit Your User Account (Administrator)

Required Tenable Security Center User Role: Administrator

You can edit your user account to update your password, contact information, display preferences, and other settings depending on your user role. If you want to edit a linked user account, see Manage Linked Users.

Note: The username can be changed for all users except the first Security Manager and the first administrator of each organization.

To edit your user account as an administrator:

  1. Log in to Tenable Security Center Director via the user interface.

  2. Click System> Users.

    The Users page appears.

  3. Right-click the row for your user account.

    The actions menu appears.

    -or-

    Select the check box for your user account.

    The available actions appear at the top of the table.

  4. Click MoreEdit.

    The Edit User page appears.

  5. Modify your user account settings. For more information, see User Account Options.

    Note: If you want to edit a Tenable Security Center user that was created via user provisioning and you enabled User Data Sync, edit the user in your SAML or LDAP identity provider. Otherwise, the Tenable Security Center user data synchronization overwrites your changes the next time the user logs in to Tenable Security Center using your SAML or LDAP identity provider. For more information about User Data Sync, see SAML Authentication Options or LDAP Authentication Options.

  6. Click Submit.

    Tenable Security Center Director saves your configuration.

Edit Your User Account (Organizational User)

Required Tenable Security Center User Role: Organizational user with appropriate permissions. For more information, see User Roles.

You can edit your user account to update your password, contact information, display preferences, and other settings depending on your user role. If you want to edit a linked user account, see Manage Linked Users.

Note: The username can be changed for all users except the first Security Manager and the first administrator of each organization.

To edit your user account as an organizational user:

  1. Log in to Tenable Security Center Director via the user interface.

  2. Click Username > Profile.

    The Edit User Profile page appears.

  3. Modify your user account settings. For more information, see User Account Options.

    Note: If you want to edit a Tenable Security Center user that was created via user provisioning and you enabled User Data Sync, edit the user in your SAML or LDAP identity provider. Otherwise, the Tenable Security Center user data synchronization overwrites your changes the next time the user logs in to Tenable Security Center using your SAML or LDAP identity provider. For more information about User Data Sync, see SAML Authentication Options or LDAP Authentication Options.

  4. Click Submit.

    Tenable Security Center Director saves your configuration.

Replace First User

Required Tenable Security Center User Role: Administrator

By default, the first user is the first Security Manager user account you create during setup. You can promote a different Security Manager account to first user to replace the previous Security Manager account.

When you replace a first user with a different Security Manager account, the promoted Security Manager will absorb the contents of the previous Security Manager's account. The promoted Security Manager account will keep both its objects and the objects of the previous Security Manager account, because that data is not cleared before the migration. After the replacement, the promoted Security Manager loses any previous notifications and running jobs.

Note: When you promote a certificate-based user account to first user, the promoted user account automatically changes to password-based authentication.

Before you begin

  • These steps assume you already have more than one Security Manager account. If you do not already have a second Security Manager account, create a new user account with the Security Manager role. For more information about creating user accounts, see User Accounts.

To replace the first user with a different Security Manager user account:

  1. Log in to Tenable Security Center Director via the Admin user interface.

  2. Click Users > Users.

    The Users page appears.

  3. On the left side of the page, select the organization by which you want to filter the page.

  4. Right-click the row for the current Security Manager first user.

    The actions menu appears.

    -or-

    Select the check box for the current Security Manager first user.

    The available actions appear under More at the top of the table.

  5. Click Replace First User.

    The Replace First User window appears.

  6. In the Users drop-down, select the Security Manager that you want to promote to first user.

  7. In the New Password box, type a new password for the user.

  8. Click Replace.

    The Security Manager you selected in step 5 is promoted to first user.

Delete a User Account

Required Tenable Security Center User Role: Administrator or organizational user with appropriate permissions. For more information, see User Roles.

Notes:

  • If you want to migrate a user's objects, you must use a Security Manager account in the user's organization to delete the user. Other roles cannot migrate user objects.

  • You cannot delete the initially created Administrator and Security role users from any of your organizations. You can replace the initial Security Manager user. For more information, see Replace First User.

  • If you want to delete an Administrator or Security Manager with linked user accounts, you must delete the linked accounts associated with the Administrator or Security Manager before deleting the Administrator or Security Manager, as described in Delete a Linked User Account. For more information about linked user accounts, see Linked User Accounts.

  • If you want to delete a Tenable Security Center user that was created via user provisioning, delete the user from your SAML or LDAP identity provider. If you delete a user in Tenable Security Center that was created via user provisioning without deleting the user in your SAML or LDAP identity provider, Tenable Security Center automatically re-creates the user in Tenable Security Center the next time they log in using your SAML or LDAP identity provider. For more information, see SAML User Provisioning or LDAP User Provisioning.

To delete a user:

  1. Log in to Tenable Security Center Director via the user interface.

  2. Click System > Users (administrator users) or Users > Users (organizational users).

    The Users page appears.

  3. Select the user you want to delete:

    • To delete a single user:

      1. In the table, right-click the row for the user you want to delete.

        The actions menu appears.

      2. Click Delete.

    • To delete multiple users:

      1. In the table, select the check box for each user you want to delete.

        The available actions appear at the top of the table.

      2. At the top of the table, click MoreDelete.

    A confirmation window appears.

  4. (Optional) If you want to migrate the user's objects, click the toggle to migrate the user's objects to another user. Tenable Security Center supports migrating:

    • Active scans, agent scans, and scan results

    • Custom assets, credentials, audit files, and scan policies

    • Freeze windows

    • Queries

    • Tickets and alerts

    • ARCs

    • Dashboards

    • Reports, report images, report attributes, and report results

    If you do not migrate the user's objects, Tenable Security Center deletes the user's objects.

    Note: The following are considerations for migrating objects:

    • You cannot migrate objects when deleting an Administrator user because all Administrator-created objects are shared across Tenable Security Center and remain accessible after user deletion.

    • If you delete a linked non-admin user, the user's objects can only be migrated to the linked Security Manager account. For more information about linked user accounts, see Linked User Accounts.

    • When you delete multiple users, you cannot migrate objects for the users unless you are logged in as an Administrator.

  5. Click Delete.

    Tenable Security Center deletes the user.