If the new group is to be made an administrative group by giving it membership in another administrative group, select Members go straight to the management UI on web login. This option is not selected by default.
The If this read-only admin group is used with other administrative groups options control what happens when users start with membership in a user group that gives read-only administration (that is, the SonicWall Read-Only Admins group or one with membership in it) and then are added to other administrative user groups. To give users the:
Admin rights set by their other administrative groups with no read-only restriction, choose The administrative rights from the other groups override this (no read-only restriction). This setting allows the read-only admin group to be the default for a set of users, but then overrides the default for selected users by making them members of other administrative groups so they can do configuration. This option is selected by default. In the Local Users table, the Admin column for the user displays the other group’s designation, such as Ltd or “Full.”
To give member users the administration level set by their other groups, but restrict them to read-only access, select The administrative rights from the other groups will be restricted to read-only. In the Local Users table, the Admin column for the user displays the dual designation, such as Rd-Only Ltd.
To do a mix of both, select the first option for SonicWall Read-Only Admins, and then create another group that is a member of this group, but that has the second option selected (but not vice versa).
If a user is a member of a read-only admin group and has membership in no other administrative groups, then that member gets full-level access (as per SonicWall Administrators) restricted to read-only.