A Symantec Advanced Threat Protection (ATP) user is a user who can log into ATP Manager and then access features and perform functions based on the user's role. Each ATP user requires a user account.
As an administrator, you can add and manage user accounts in the following ways:
Add local user accounts
You can manually add user accounts in ATP Manager. When you add a local user account, you specify the user's login credentials, email address, and role. The user's role authorizes which ATP Manager pages the user can access and which functions the user can perform.
You manage local user accounts manually. For example, if you hire a new employee, you must add a user account for that individual. You must then make any future password and email address changes as required. If the employee leaves your organization, you disable the employee's user account.
AD integration facilitates the management of your ATP users by dynamically using the most current AD account information when users log into ATP Manager. If a user's information or employment status changes in AD, ATP automatically recognizes those changes.
You can add local user accounts and integrate with AD concurrently. If you do both, you should not add local user accounts that exist on your AD server. Additionally, you should have at least one local administrator account who can log into ATP Manager if ATP cannot access your AD server. This account may be your initial administrator account, or another account that you create.