Have a security design question I wanted to confirm.

Question

Originally posted by Kathryn Watkins
4/23/2019
Have a security design question I wanted to confirm. Herbalife wants to restrict the IT system admins from seeing any data and make sure that they can only add / edit / provision users. If they just put users in groups that are assigned to the system security roles SystemPane and SecurityAdminPage, they can see the page but are not able to edit the users' provisioning.

TonyToniTone · Answer

As of the time of this posting, a user cannot manage Security or do any user provisioning without receiving the Administrator role.&nbsp; A new Security Role is coming out in the 6.6 release called Manage System Security.&nbsp; This System Security Role enables the OneStream Administrator to delegate the tasks of managing Users, Groups and Roles to non-administrators.&nbsp; This feature will enable the IT system admin to only add/edit/provision users

Forum Discussion

Have a security design question I wanted to confirm.

Related Content

Confirmation Rules

Frequently Asked Questions

Security

Question: Is it possible to loop through members within confirmation rules?

Extensibility Question