Unit administrators at U-M determine the logic of who should be eligible for various permissions. Today, all changes go through central IT because there is no way for a unit administrator to be able change the membership expressions only for their own business roles and/or applications. Ideally, unit administrators would not be able to assign permissions within a business role for applications they are not approved to use.

In addition, unit administrators should be able to make changes to their business roles without causing time backlogs for other business roles and applications.

by: Victoria G. | over a year ago | Other