• State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 93 subscribers
  • Views 1788 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Minimal Permissions for Analyzer Tool?

chris.hearn
over 4 years ago

I'm running version 7.1.2 and I have a need to give someone access to the Analyzer tool to compare Group memberships and create Business Roles. I cannot find a role to give that type of granular permissions. Does anyone know what role may fill that need?

Thanks!

-CK

  • +1 over 4 years ago

    There are two roles that give the permission to insert orgs. They are "Base roles\Employee Managers" and "Identity Management\Business roles\Administrators". None of these gives the full rights to do everything that Analyzer would be capable of doing, but they might be enough for the described case. Otherwise one needs to create a custom role and a group. 

    Your welcome

  • 0 over 4 years ago in reply to Tomi Kääriäinen

    Those rights appear to allow you to insert orgs, but it doesn't appear to allow you to use the Analyzer tool. When I bring it up, the group memberships are empty. My admin account sees the group memberships.

    Thanks for taking the time.

    -CK

  • +1 over 4 years ago in reply to chris.hearn

    Speaking generally, you need the permissions to read all the objects (business roles, departments, group memberships ) you include in your analysis and of course you need to be able to write business roles.

    The easiest way to give somebody the necessary read access to all group memberships (sadly to more objects as well, but read-only) is the application role "Identity & Access Governance\Auditors"

  • 0 over 4 years ago in reply to Markus Weiss-Ehlers

    As always, you are right on the mark. As soon as I added the  "Identity & Access Governance\Auditors"  role the user could see the group relationships.

    Thank you much!

    -CK