Subject: COmanage Users List
- From: Benn Oshrin <>
- Subject: Re: [comanage-users] Edit Identifiers
- Date: Sat, 10 May 2014 18:28:43 -0400
On 5/9/14 4:52 PM,
People with admin privs can manually change an identifier via CO->People->My
Population and selecting a person, then editing their identifiers. Seems
dangerous. I am wondering if I missed a setting to protect this.
CO Admins need to be able to fix bad data, including identifiers. CO Admins are by definition trusted users who can take actions that can break things. eg: They can define LDAP servers to provision to, and change the attributes that are written there.
There's possibly an argument to constrain COU Admins, but COU Admins are really trusted delegates of the CO Admin over a subset of the population, and so also need to be able to fix bad data.
- [comanage-users] Edit Identifiers, michael.manske, 05/09/2014
- Re: [comanage-users] Edit Identifiers, Benn Oshrin, 05/10/2014
Archive powered by MHonArc 2.6.16.