# Custom user roles

OpUtils enables you to create custom user roles that allows you to define different access privileges to different users associated with your OpUtils console. This helps you restrict access to your network monitoring resources, without compromising on your ability to delegate your team members access to their respective network monitoring activities.

The different levels of access that can be provided in OpUtils for users through custom roles include: Read/Write, Read and No Access.

## Creating custom roles

To create custom user roles in OpUtils, please follow the instructions given below:

1. Go to **Settings > Basic Settings > User Management**, and click on **Roles**.
2. Click on the **Add Roles** button.
3. Specify the role **Name** and **Description** in the respective fields.
4. Under **Common Settings** and **OpUtils**, choose the level of access for each module such as Dashboard, Reports, IP Address Manager and Switch Port Mapper.
5. Click on **Save**.

![ ](https://www.manageengine.com/products/oputils/images/add-role.png)

## Associating user roles with new users

To restrict access by associating a User Role to a new user, please follow the steps given below:

1. Go to **Settings > Basic Settings > User Management**, and click on **User**.
2. Click on the **Add User** button.
3. Select the required role from the **Role** field's dropdown.
4. Select the appropriate user type from the **User Type** field's dropdown.
5. Enter the required details and credentials.
6. Click on **Save**.

To associate a different user role to an existing user, go to **Settings > Basic Settings > User Management**, click on the Username of the user you want to edit and follow the above steps.

![ ](https://www.manageengine.com/products/oputils/images/add-user-role.png)

### Note:

- If a role is associated to any user or configured under auto-login in AD domain, deletion of the role will not be possible.
- If the scope of the user is restricted, they might be restricted from performing a few actions even if the role allows it. This is to ensure that a user with limited scope does not perform any operation that may require additional privileges.
- A user role can be edited after users have been associated to it but cannot be deleted.

## Related Products

- [Network Monitoring](https://www.manageengine.com/network-monitoring/?relPrd)
- [Bandwidth Monitoring & Traffic Analysis](https://www.manageengine.com/products/netflow/?relPrd)
- [Network Configuration Management](https://www.manageengine.com/network-configuration-manager/?relPrd)
- [Switch Port & IP Address Management](https://www.manageengine.com/products/oputils/?relPrd)
- [Firewall Management](https://www.manageengine.com/products/firewall/?relPrd)
- [Network Monitoring Software for MSPs](https://www.manageengine.com/network-monitoring-msp/?relPrd)
- [IT Operations Management](https://www.manageengine.com/it-operations-management/)
- [Application Performance Monitoring](https://www.manageengine.com/products/applications_manager/?relPrd)