Have a security design question I wanted to confirm.

OSAdmin
Valued Contributor
Originally posted by Kathryn Watkins

4/23/2019

Have a security design question I wanted to confirm. Herbalife wants to restrict the IT system admins from seeing any data and make sure that they can only add / edit / provision users. If they just put users in groups that are assigned to the system security roles SystemPane and SecurityAdminPage, they can see the page but are not able to edit the users' provisioning.

1 REPLY 1

TonyToniTone
Contributor II
As of the time of this posting, a user cannot manage Security or do any user provisioning without receiving the Administrator role.  A new Security Role is coming out in the 6.6 release called Manage System Security.  This System Security Role enables the OneStream Administrator to delegate the tasks of managing Users, Groups and Roles to non-administrators.  This feature will enable the IT system admin to only add/edit/provision users