In the Multi-Person Authorization, each operation is implemented for a specific task. Each individual operation provides optional configurations that can be set to meet various requirements. Configurations set in an individual operation will override the corresponding Global Configuration.
The following configurations are common in both the Global configuration and the Operation level configurations:
-
User groups which can authorize the request: The users of the selected user groups can authorize requests.
-
Number of approvers: Number of users required to authorize the request.
To configure an authorization operation, on the Command Center, go to Manage > Security and then click Multi person authorization tile, click the Action button 
beside the operation, select Edit, and modify the configurations as needed.
The following operations are available on the Command Center. For more information about configuring an operation, see Configuring the Default Multi-Person Authorization Operations.
| Authorization Operations | Description | Optional Configurations |
|---|---|---|
| Delete Client | This operation triggers the authorization email request to retire and delete the server from the Commcell or company level. | - Select client groups for which client deletion will need authorization:The deletion of clients from selected client groups would require authorization. - User groups which can authorize the request: The users of the selected user groups can authorize the requests for deleting the client. - Number of approvers: Number of users to authorize the request. - Delete Client: By default, requires authorization from the configured approvers to delete a client. Move the toggle key to the left to skip authorizations and perform the delete operation. - Retire Client: By default, requires authorization from the configured approvers to retire a client. Move the toggle key to the left to skip authorizations and perform the retire operation. |
| Delete Company | This operation authorizes a user to delete a company. | - User groups which can authorize the request: The users of the selected user groups can authorize requests for deleting a company. - Number of approvers: Number of users to authorize the request. |
| Delete Storage Policy | This operation triggers the authorization email request to delete the storage policies that is associated with a plan. | - User groups which can authorize the request: The users of the selected user groups can authorize the email requests. - Number of approvers: Number of users required to authorize the request. |
| Delete Storage Policy Copy | This operation triggers the authorization email request to delete the storage policy copies that is associated with a plan. |
- User groups which can authorize the request: The users of the selected user groups can authorize the email requests. - Number of approvers: Number of users to authorize the request. |
| Delete Library Mount Path | This operation triggers the authorization email request to delete a library, a mount path, or a backup destination. | - User groups which can authorize the request: The users of the selected user groups can authorize the email requests. - Number of approvers: Number of users to authorize the request. |
| Disable Compliance Lock | This operation triggers the authorization email request to disable Compliance Lock option on storage. Note: Storage lock cannot be disabled. It is not possible to disable Compliance lock without appropriate authorization code. | - User groups which can authorize the request: The users of the selected user groups can authorize the email requests. - Number of approvers: Number of users to authorize the request. |
| Delete Agent | This operation triggers the authorization email request when a user attempts to delete the storage policies that is associated with a plan. | - User groups which can authorize the request: The users of the selected user groups can authorize requests for deleting an agent. - Number of approvers: Number of users to authorize the request. - Delete Agent: By default, requires authorization from the configured approvers to delete an agent. Move the toggle key to the left to skip authorizations and perform the delete operation. - Retire Agent: By default, requires authorization from the configured approvers to retire an agent. Move the toggle key to the left to skip authorizations and perform the retire operation. |
| Delete Backup Set | This operation triggers the authorization email request when a user attempts to delete a backup set. | - Select client groups for which backup set deletion will need authorization: The deletion of backup set from selected client groups would require authorization. - User groups which can authorize the request: The users of the selected user groups can authorize requests for deleting a backup set. - Number of approvers: Number of users required to authorize the request. |
| Delete Jobs | This operation triggers the authorization email request when a user attempts to delete a job from a storage policy copy. | - Set two factor authorization for Master user: Selecting this option will enforce Master group users to require authorization as well. Note: This operation is only available at the global level, and not at the tenant level. - User groups which can authorize the request: The users of the selected user groups can authorize requests for deleting a job. - Number of approvers: Number of users to authorize the request. |
| Delete Plan | This operation triggers the authorization email request when a user attempts to delete a plan. | - Select client groups for which backupset deletion will need authorization: The deletion of backup set from selected client groups would require authorization. - User groups which can authorize the request: The users of the selected user groups can authorize requests for deleting a plan. - Number of approvers: Number of users required to authorize the request. |
| Delete Subclient | This operation triggers the authorization email request when a user attempts to delete a subclient. | - User groups which can authorize the request: The users of the selected user groups can authorize requests for deleting a subclient. - Number of approvers: Number of users to authorize the request. |
| Delete Tape Media Contents | This operation triggers the authorization email request when a user attempts to delete a tape media or media contents. | - User groups which can authorize the request: The users of the selected user groups can authorize requests for deletion. - Number of approvers: Number of users to authorize the request. |
| Update Approval User Group | This operation triggers the authorization email request when a user attempts to update the members of a user-group configured as an approver group for dual authorization operations. | - User groups which can authorize the request: The users of the selected user groups can authorize requests for modification. - Number of approvers: Number of users to authorize the request. |
| Enable Root Access | This operation triggers an authorization email request when a user attempts to enable password based root access on the HyperScale nodes. Note: It is only available at the global level, and not at the tenant level. | - User groups which can authorize the request: The users of the selected user groups can authorize requests for deletion. - Number of approvers: Number of users to authorize the request. |
| Update Storage Policy Copy | This operation triggers an authorization email request when a user attempts to update a storage policy copy. | - User groups which can authorize the request: The users of the selected user groups can authorize requests for deletion. - Number of approvers: Number of users to authorize the request. |
| Disable Compliance Lock Via MSP | This operation triggers the second authorization email request to disable Compliance Lock on storage. Note: It is only available at the global level, and not at the tenant level. | - User groups which can authorize the request: The users of the selected user groups can authorize requests for deletion. - Number of approvers: Number of users to authorize the request. |
Related Topics
For information about Allow Tenant Admins To Opt In and other queries, refer to FAQ- Multi Person Authorization.