1. Expand Users and Groups in the left pane. Select the Item (i.e., User, Role or Group) to which you want to control access (in this example, User Zoe), right-click and select Control Access to this User.
   
    
2. Click Add and Remove Members and then select the User, Group or Role to which you want to give access to the User Zoe. In this example, select the User Emily. Click Add Member >> so the User Emily is displayed in the list Contains the following. Click Confirm.
   
    
3. Select Allow or Deny for each Operation.

• Item – The selected User, Role or Group to which access control is being configured (User Zoe in the above example).
• User – The name of the User who is being given access to the Item (Emily in the above example).
• Read – Allows the User read access to the Properties of the Item.
  Cannot be set to Deny if Update is set to Allow.
• Update – Allows the User (Emily) to update the Description, Forename, Middle name(s), Surname, Email address, Hidden and Disabled settings of the Item (Zoe), unless specifically Denied by the following Access Control settings. Cannot be set to Deny if Delete, Change password, or Set access control is set to Allow.
• Delete – Allows the User (Emily) to delete the Item (Zoe).
• Change password – Allows the User (Emily) to change the password of the Item (Zoe).
• Set access control – Allows the User (Emily) to set the access controls (configure ACLs) for the Item (Zoe).

Note: Be careful when removing a Group/Role/User’s ability to Set access control to an Item not to remove your own privileges as you will then be unable to change them back.

4. Click on the Save and Close button to save the ACL changes to the Item or Cancel to exit without changing the ACL of the Item.
5. Make sure the User (in this example Emily) has Permissions set to Allow them to Manage Users & Groups. See Table 152, “Terminology: User Permissions”