Peer Roles

The Peer Roles page defines the permission model for all Peer accounts in MSPControl. Peer Roles determine what each peer can see and do in the customer portal. They are fully customizable — administrators can create any number of roles and specify access rights to each module using View, Edit, Create, and Delete permissions.

Navigation

Open Peer Roles from the main customer menu to see a list of all existing roles. The page shows each role’s name, how many peers use it, and quick management controls.

Page Overview

• + Create Peer Role — opens the role creation form where you define a new permission set.
• Column Visibility — allows hiding or showing specific columns in the table.

 

Roles Table

• Name — the role name as it appears in the Peers list when assigned to a user.
• Users Count — number of peers currently using this role.
• Copy — allows duplicating an existing role as a template for a new one.

 

Creating a New Peer Role

When you click + Create Peer Role, the system opens the New Peer Role screen. This page allows you to build a custom permission profile by enabling or disabling specific access rights for dozens of system areas.

Role Name

Enter a clear and descriptive Name for the role (for example, Custom Admin, Billing Viewer, or Device Technician). This name will later appear in the role dropdown when creating or editing peer accounts.

Permission Structure

Each section of the page represents a functional area of MSPControl. Within every area, you can grant up to four permission types per feature:

• View — allows the peer to open the page or view data without making changes.
• Edit — allows modifying existing items.
• Create — allows adding new entries.
• Delete — allows removing entries.

 

Every section includes Select All buttons at the top of each column, letting you quickly grant full access or restrict it entirely. Permissions are grouped logically by modules and functions.

Main Permission Categories

Admin Account

Controls administrative functions such as:

• Customers
• Hosting Plans
• Hosting Add-Ons
• Peers
• Peer Invitations

 

Account

Defines access to account-level operations and management menus, including:

• Subscriptions
• Hosting Spaces
• Space Statistics
• Space Add-Ons
• Peers
• Peer Roles
• Customer Approvals
• Scheduled / Running Tasks
• Email Routes
• Audit Log
• Two-Factor Authentication
• Space Home operations (Backup, Delete, Import, Restore)
• User Account Management (Change Password, Delete Account, User Account Details)
• Account Suspension, Notes

 

VirtuBot

Grants access to VirtuBot configuration and automation features, including:

• Notification Groups
• Peer Functions (e.g., Reinvite Peer)

 

Configuration

Controls infrastructure and global settings:

• Virtual Servers, RDS Servers, Devices, Intune Templates, Storage Spaces
• VM Templates, IP Addresses, Virtual Networks
• System Settings, Policies, Licensing, Security Improvements
• Mail Templates, Phone Numbers, Scheduling Groups, Update Dashboard
• Admin Relationships, Dashboards, Scheduling Invitations

 

Dashboards

Allows managing data visualization dashboards and their widgets:

• Disk Space, Bandwidth, Azure, Risky Users, Veeam, Cloud Folders, Receivables
• Widgets such as Tickets, SLA, Employees, SmileBack CSAT Score, Top Customers, etc.

 

Override Quota

Provides advanced override permissions on space-level resources:

• Override quotas on Space level
• Add/Edit Addons on Space level

 

Space Statistics

Controls visibility and management of per-space resources:

• Domains
• FTP Accounts
• File Manager
• Documentation assets (Documents, Photos, Notes, Passwords, Certificates)

 

Documentation

Gives granular access to MSPControl’s internal document repository and secrets manager:

• Assets, Deleted Assets, Documents, Photos, Notes, Passwords, Certificates
• Activity Logs (Photo Gallery Log, Certificate Logs, Note Logs, Password Logs)
• Privileged Access and History
• Visibility controls such as “Allow showing passwords in Certificates” or “Allow showing MFA codes”.

 

Web

Manages website hosting permissions:

• Websites, IP Addresses, Shared SSL Folders
• Advanced Web Statistics, Domain Registrar, System Hard Quota

 

Mail

Gives control over mail hosting:

• Accounts, Aliases, Groups, Lists, Domains

 

Databases

Controls SQL and MySQL database access:

• SQL Server, MySQL, ODBC DSNs

 

Hyper-V

Defines rights over Hyper-V environments:

• VPS spaces, External / Management / Private Networks
• Virtual Networks, Audit Log

 

Hosted Organization

Controls all hosted organization management:

• User Binding, Active Users, Deleted Users, Groups
• Password Policy, Federation, ADSync Users, Locations, Domains
• General Settings, Organization Statistics, Send Users Report

 

Hosted Organization – Azure

Manages Azure-related policies and dashboards:

• Azure Settings, Security, Dashboard, Alert Templates
• Guest Users, Subscriptions, Microsoft 365 Groups, Azure Domain Service

 

Hosted Organization – Office 365

Controls Office 365 monitoring and service health:

• Subscription Dashboard, OneDrive Storage Usage, Service Health

 

Hosted Organization – Exchange Online

Gives access to Exchange-related features:

• Mailboxes, Contacts, Distribution Lists, Transport Rules, Retention Policy
• Signatures, Disclaimers, Journaling, Storage Usage

 

Hosted Organization – SharePoint Online

• SharePoint Sites and Storage Usage

 

Hosted Organization – Microsoft Teams

• Teams Users and User Plans

 

Hosted Organization – Cloud Folders

• Shared / Personal Folders, Dashboard, Drive Maps

 

Hosted Organization – Remote Desktop Services

• RDS Collections and RDS Servers

 

Hosted Organization – Devices

Controls RMM and device management functionality:

• Devices, Device Settings, Agentless Intune Policies, Device Map
• Agentless Devices, Device Apps, Azure Monitor
• Device Functions such as Reboot, Firewall Access, Repair, ScreenConnect, Send Logs, and Windows Updates.

 

Hosted Organization – Backups

• Veeam Backups and Settings, Azure Backups and Settings

 

Subscriptions

Controls all subscription and billing-related actions:

• Manage Credit Account, Adjust Balance, Make Payments, Process Refunds
• Cancel / Reactivate Subscriptions, Change Terms, Offline Payments

 

DNS

• View / Edit Zones, Manage SOA Records

 

ConnectWise

• Company ID, Tickets Integration, and other sync options

 

Bot API

• Users, Policy Options, ConnectWise Tickets

 

Check-In

• Time tracking actions (Check In/Out, Manual Time Entry, PTO Request, Lock/Unlock Timesheet)

 

WebDav

• WebDav file operations

 

Best Practices

• Create roles that match your operational model (for example, Customer Viewer, Billing Manager, Technician).
• Do not reuse a single “Admin” role for all users — split it into smaller, function-specific roles.
• Always test new roles using a sample peer before assigning them broadly.
• Regularly review role definitions to remove unused modules and tighten access.
• Keep documentation of each custom role’s purpose for audit and compliance clarity.