User management is an additional feature provided by Nessus that is most useful for a large enterprise environment where Nessus is used by multiple people in multiple locations. In such an environment, this feature enables administrators to enable different levels of access for multiple users on the Nessus scanner.
Nessus provides two different roles for users as follows:
- Administrator
- Nonadministrator
An administrator role has access to all functionalities of Nessus, whereas a non-administrator role has limited access. The non-administrator role doesn't have access to user management, general settings, feed settings, and advanced settings.
While installing Nessus, an administrative user is created for Nessus administration. To proceed with Nessus user management, it is necessary to log in with this account as it has administrator privileges.
The URL https://localhost:8834/ can be browsed to on a Windows machine.
Enter the administrator username and password to sign in. This displays the home page of Nessus as shown in the preceding screenshot.
Multiple tabs will be displayed under the administrative login. Click on the Users tab to move further with user management activities.
In Nessus, user management provides the following options:
- Adding a new user
- Deleting an existing user
- Changing the password for an existing user
- Changing the role of an existing user
Click on the New User button to add a new user.
This will display the new user prompt to set the username, password, and role for the new user as shown in the following screenshot:
Delete User is a functionality used when a user is no longer required on the Nessus scanner. In such cases, select the user who needs to be deleted from the Users header and click on the Delete User button from the options displayed on the right-hand side.
At times, an administrator receives requests to change passwords for users. It may be because a user has forgotten his/her password or because his/her role needs to be changed. In such cases, select the user for whom the password or role needs to be changed and double-click on that user. This will prompt you with the following window for a new password to be set or the role to be changed:
