Create a Cisco Security Cloud Control User for the Passive Identity Agent

This task discusses how to create a Secure Firewall Management Center user with sufficient permissions to communicate with the passive identity agent. This user has limited privileges to perform other tasks; the user is expected only to enable communication with the passive identity agent.

Note

Use only the Passive Identity User role for the passive identity agent user. In particular, do not use the Administrator role for the passive identity agent because Administrator will be logged off at a regular basis as the passive identity agent communicates with the Secure Firewall Management Center.

Before you begin

Complete the tasks discussed in Create a Passive Identity Agent Identity Source.

Note

You cannot use external authentication with the Passive Identity Agent user.

Procedure

Step 1

Log in to the Cisco Security Cloud Control.

Step 2

Click System (system gear icon) > Users > Users.

Step 3

Click Create User.

Step 4

Create the user as discussed in Add or Edit an Internal User in the Cisco Secure Firewall Management Center Administration Guide.

Step 5

Select the Passive Identity User role.

The following figure shows an example.

The passive identity agent user must be assigned the Passive Identity User role and no other role.

Note

Do not choose a role for the passive identity agent user other than Passive Identity User because the agent will not function properly.

Step 6

Click Save.

What to do next

Install the Passive Identity Agent Software.