Advanced Authentication (AAf): Helpdesk - Granular access rights for enrolladmin to edit users

Today every Enroll-Admin can change all authenticator of every users. This may cause a security issue.
Which means that an enroll admin can take over an account from Management Users (High privileged), Administrators etc.

With the latest version 6.2 it is only possible to set a couple of groups / users as FULL admin to protect them against take over.

Please create the ability to define which Enroll-Admins can manage which groups (from the repository).
As an example:
It should be possible to set several Enroll-Admin-Groups (from the Repository) to specify which of these enroll-admins are able to manage users from specific groups.

Enroll-AdminGroup-Sales (from Repository) is only able to manage users from the Group "Sales" (from Repository)
Enroll-AdminGroup-Management (from Repository) is only able to manage users from the Group "Management" (from Repository)
Enroll-AdminGroup-Marketing (from Repository) is only able to manage users from the Group "Marketing" (from Repository)

by: Kevin S. | over a year ago | Integrations

Upvoted on behalf of MAHLE Group

by: Dan B. | over a year ago

Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.

7

Helpdesk - Granular access rights for enrolladmin to edit users

Comments