I'd like to delegate rights to manage Active Roles scheduled tasks but haven't found an access template specific to delegating the right. Any suggestions would be appreciated.
My gut would tell me that this not something that you can delegate. And certainly not without giving users access via the MMC (which I tend to recommend against).
What exactly do you want to delegate around Scheduled Tasks? - enabling / disabling, setting start times and such shouldn't be a big deal with some light Web UI customization.
The issue is that there were certain things (Dynamic Group creation being another example) that were never designed to be delegated. So the only way to perform these tasks is if you are an AR Admin....which as you know, is a level of access that you don't hand out lightly. Hence my suggestion to set this up in the web UI because then we can hide the workarounds that facilitate it.
Access Templates do have the ability to be delegated to Scheduled Tasks (edsScheduledTask) and Scheduled Task Containers (edsScheduledTaskContainer) objects. So, initially this appears that it could be accomplished by creating a new Access Template, selecting the option to 'Show all possible classes' and locate these object classes in the list to delegate the necessary access to.
Thank you for this suggestion.
I have found Scheduled Task (edsScheduledTask) and granted Create/Delete child objects permissions. When checking Object Classes, no classes display so I've selected Child objects of any class. I've assigned that template to a group for a custom Scheduled Task Container and still cannot create or modify a scheduled task.
What am I missing?
You need to delegate the creation of the child objects to something - so creation of child objects (any class) of a Scheduled Task container would be the most sensible. For simplicity's sake, I would pre-create the Scheduled Task container(s) and then just delegate the create of the child objects within it (them).