<div dir="ltr">Hi,<div>I tried to setup delegated administrator for organization (user management + workflow tasks) and ended with role like below. This, assigned to user, does not allow him to see attributes when creating user, thus admin can't enter values into them (name, for example). </div><div><br></div><div>What am I missing? Is there example for delegated administrator? (I checked web and git already)</div><div><br></div><div>regards</div><div>Petr G.</div><div><br></div><div>-------------------------------------------</div><div><br></div><div><div><role xmlns="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"</div><div>      xmlns:icfs="<a href="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3">http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3</a>"</div><div>      xmlns:t="<a href="http://prism.evolveum.com/xml/ns/public/types-3">http://prism.evolveum.com/xml/ns/public/types-3</a>"</div><div>      xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"</div><div>      xmlns:q="<a href="http://prism.evolveum.com/xml/ns/public/query-3">http://prism.evolveum.com/xml/ns/public/query-3</a>"</div><div>      xmlns:ri="<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3</a>"</div><div>      oid="delegatedAdmin"</div><div>      version="23"></div><div>   <name>Delegated administrator</name></div><div>   <activation><br></div><div>      <effectiveStatus>enabled</effectiveStatus></div><div>   </activation></div><div>   <iteration>0</iteration></div><div>   <iterationToken/></div><div>   <authorization id="1"></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read">http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#modify">http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#modify</a></action></div><div>      <object></div><div>         <type>OrgType</type></div><div>      </object></div><div>      <object></div><div>         <type>ResourceType</type></div><div>      </object></div><div>      <object></div><div>         <type>RoleType</type></div><div>      </object></div><div>      <object></div><div>         <type>ShadowType</type></div><div>      </object></div><div>      <object></div><div>         <type>UserType</type></div><div>         <orgRef xmlns:tns="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"</div><div>                 oid="3404b331-57c0-4bef-b699-0192ce8d728b"</div><div>                 type="tns:OrgType"></orgRef></div><div>      </object></div><div>   </authorization></div><div>   <authorization id="2"></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#dashboard">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#dashboard</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#myPasswords">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#myPasswords</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#users">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#users</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#userDetails">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#userDetails</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#findUsers">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#findUsers</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#orgTree">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#orgTree</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItems">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItems</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItem">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItem</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItemsMyRequests">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItemsMyRequests</a></action></div><div>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItemsProcessInstance">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItemsProcessInstance</a></action></div><div>   </authorization></div><div></role></div></div></div><div dir="ltr">-- <br></div><div dir="ltr">--<div>Petr G.</div></div>