[midPoint] How to manage Administrator accounts associated with Roles

Michael Canady canady at jlab.org
Tue Feb 11 15:34:32 CET 2025


Hello everyone,
I'm seeking advice on managing administrative accounts tied to specific roles within our organization.
Background:
We currently create compartmentalized administrator accounts for users based on their roles. For example, if a user is an administrator of a specific server, a new account is created and added to a group called "{server} administrators," granting administrative rights on the designated server(s). We are exploring ways to achieve this effectively, especially when some compartment accounts need to be shared across multiple roles.
Questions:

  1. Is a "meta" role the best/recommended approach to handle account creation?
  2. How should entitlements be managed?

Thanks in advance,
Michael