XI 3.1 and delegated admin

hi,

we have two distinct project. each project must have delegated admin (manage user and group) : each admin must see only its users and groups…
we have apply this :
1/create specific admin groups
2/ create specific acces level (view object/general +add objects/content folder +all rights/system user+ all rights/system usergroup)
3/ on user and groups/manage top level security/all group :
add the two admin groups and apply acces level
4/ on each group and subgroup remove acces on the admin group that does not (because each admin group is in inherited rigth…)

this work, but not for for user level, delegated admin can’t create user and if we apply top level security acces level , the admingroup can see ALL user. it’s not that we want…
have you ideas?
thank’s

docbo (BOB member since 2004-10-20)

Correct since you are managing the security on the technical group Users. All your users belong to first that group called “Users”. If you want your admin to be able to add user you must give right to add user to that group.

Did you try removing the right view object on that group?

hi
thank’s

no acces is not suffisant…
remove is best

@+

docbo (BOB member since 2004-10-20)