Announcement

Collapse
No announcement yet.

Managing compartmentilizing between departments

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Managing compartmentilizing between departments

    Hi, I am trying, without success to find out if it is possible to have 2 users in the same role (or cloned role) and each will be able to fully manage the users of his own department only without any way of seeing any kind of detail about the other technician in the other department and anything of the other departments users and profile?

    Clarifying:
    Department A - has technician A - which has full discretion in managing the devices - like a full admin for the department. (no ldap - they have their own systems). Tech A should be able to enroll devices, add/remove users directly within department A, edit/add profiles, update patches..
    Tech A should not see anything related to department B, no user names, no devices, no groups NADA.

    Department B - has technician B - which has full discretion in managing the devices - like a full admin for the department. (no ldap - they have their own systems).
    Tech B should be able to enroll devices, add/remove users directly within department B, edit/add profiles, update patches..
    Tech B should not see anything related to department A, no user names, no devices, no groups NADA.
    How do I create roles/permissions/groups as to make it happen or is it not possible with the current ITSM?

    Thanks.
    Last edited by InfoSecAdmin; 10-02-2017, 06:01 PM.

  • #2
    InfoSecAdmin ,

    From our last September's release https://c1forum.comodo.com/forum/pro...ase-09-16-2017 . Please check these features that you are looking for. Our last release had unveiled multiple features under ITSM portal role management, that you are looking for.
    https://wiki.comodo.com/frontend/web...om-permissions and as well access scope
    https://wiki.comodo.com/frontend/web...-to-technician

    Comment


    • InfoSecAdmin
      InfoSecAdmin commented
      Editing a comment
      Thanks for the quick response.
      I already tried these and (99% of the time I try to follow the RTFM approach before posting anything) my question remains.
      In this case - the features don't do what I want.
      The permissions for the companies (e.g. deparments) are connected to the role and cannot be individually different to the technicians under this role.
      So, it means that if, for example, I have a 1000 departments which I want to keep apart for security considerations, I will have to make 1000 roles : department A admin role, department B admin role, and assign tech A to deparment A admin role and tech B to department B admin role.
      This instead of having a role like "Project local admin role" and assign to it technicians 1-150, and on the technician's users setting assign each technician to his specific department he was hired to admin.
      Thanks.

  • #3
    Hi InfoSecAdmin ,

    We actually already have a feature request regarding this concern (Improvement: Staff Roles rights limitation per Company) that is on the road map which is planned to be released on 2017Q4. Would you like us to include you to the list of our partners who will be updated when this is deployed?

    Comment


    • InfoSecAdmin
      InfoSecAdmin commented
      Editing a comment
      I am glad to hear that. I will be very happy to be updated regarding this feature. in the mean time I will make due with roles per technician.

  • #4
    Hello InfoSecAdmin ,

    We already added you in the loop for its progress.
    You will receive an email soon regarding this.

    Kind Regards,
    Jay

    Comment

    Working...
    X