Home
Using the Console
This section provides information about using the SOTI MobiControl console to perform the various management tasks.
Managing Users
Built-in User Management
Defining Access Permissions

Welcome to SOTI MobiControl 2026.0 Help
SOTI MobiControl is an enterprise mobility management solution designed to help you efficiently manage your organization's devices. Use the SOTI MobiControl Help Center to explore its full range of features.
What's New in SOTI MobiControl
Setting Up SOTI MobiControl
This section provides instructions for installing, activating, and upgrading SOTI MobiControl instances.
Using the Console
This section provides information about using the SOTI MobiControl console to perform the various management tasks.
- About the SOTI MobiControl Console
- Using Stella
- Managing Users
  - User Management in SOTI Identity
  - Built-in User Management
    - The Recommended Workflow
    - Creating Roles
    - Renaming Roles
    - Cloning Roles
    - Creating Users
    - Assigning Users to Roles
    - Editing Users
    - Locking Users
    - Locking Multiple Users
    - Unlocking Users
    - Unlocking Multiple Users
    - Removing Users from a Role
    - Adding Groups
    - Assigning Groups to Roles
    - Editing Groups
    - Removing Groups from a Role
    - Defining General Permissions
    - Copying A Role/Group/User's General Permissions
    - General Permissions
    - Defining Permissions Based on a Device Group
      Define or edit permissions for users, groups, or roles based on specific device groups. This provides precise control over device actions and access. Options to copy permissions to users, groups, or roles is also available.
    - Device Group Permissions
    - Defining Access Permissions
    - Resetting Access Permissions
    - Viewing User Activity Logs
    - Deleting Users, Groups, and Roles
    - How to Use Bulk Action Limits in SOTI MobiControl
      Control the number of devices impacted by a single device action.
  - Setting an Access Control Policy
  - Manually Assigning an LDAP User Account to a Device
  - Assigning Users to Devices by Importing a CSV File
  - Enhanced Access Permissions
- Managing Devices
- Managing Configurations
- Managing Applications
- Managing Data
- Managing Certificates
  Manage and deploy digital certificates in SOTI MobiControl, including manual uploads and dynamic certificates issued via integrated certificate authorities.
- Monitoring Devices
- Troubleshooting Device Issues
- Generating Reports
- Managing System Settings
- Other Features
- SOTI MobiControl Console Reference
System Health
View vital system stats in a variety of interactive, up-to-date charts and tables.
SOTI MobiControl Administration
This section provides information about how to perform various administrative tasks related to SOTI MobiControl. These tasks include monitoring your SOTI MobiControl system, changing deployment settings, integrating SOTI MobiControl with third-party applications, and performing various modifications that extend SOTI MobiControl beyond its standard configuration.
Using Package Studio
This section provides information about how to use SOTI MobiControl Package Studio to create data packages for devices.
Using Script Commands
Send scripts and execute commands on your devices with SOTI MobiControl. Script commands are supported on the following platforms:
Using SOTI MobiControl Stage
This section provides information about how to use SOTI MobiControl Stage to quickly and easily enroll devices.
Cloud Link Agent
Glossary
Notices

Defining Access Permissions

About this task

By default, upon creation, each user management entity (user, group, or role) can be edited by any SOTI MobiControl other user management entity. You can (and should) limit access to the entity editing, and even viewing, to the relevant personnel.

To define what user(s), group(s), and role(s) will be able to view/edit an entity:

Procedure

Select Users and Permissions from the main menu.
In the left pane, select the required tab (Roles, Users, or Groups).
Right-click the required entity to open the context menu.
Select Access Permissions to open the Access Permissions dialog (see Access Permissions).
Optional: To set access permissions to their default (the entity itself, the Administrator role, and whatever other entities have the required rights in your environment), click Save without making any changes.

Define access permissions as required:


Search Users, Groups, or Roles	Type the name of the entity you are looking for to filter the list below to matching results.
Add (+)	Select this icon to open a dialog box where you can search for, and select, user management entities to be added to the permission list below.
Users, Groups, or Roles	This section lists user management entities that can view or edit the current entity. The list contains the following columns: Name: The entity name Permissions: Select the permission type: None, Read Only, Read and Write, or Read and Write with Approval The Delete icon: Select to delete the entity from the list

Click Save to save changes or Cancel to discard changes.

Example