Hi all,
I'm looking for some best practices regarding User Management and Access Control, but first, allow me to share some of our current landscape.
We have one database for the entire enterprise and we're having one of our users but heads with the ARIS admins over Access Control. Since we have one database which is the work area for many users, we've decided that the ARIS team will handle user access via user groups.This specific user wants the ability to manage individual user access at the folder level.
Question: Would enabling 'User Administrator' as a function privilege for this user open up the entire userbase to this user? This seems like too much power for one non-admin user to have.
Other questions: How do others structure their access control policies where each project area has differing requirements for managing users?
Thanks,
Tony