• State Not Answered
  • Replies 4 replies
  • Subscribers 94 subscribers
  • Views 1490 views
  • Users 0 members are here
Options
Related

Group inheritance and departments

CVU
over 2 years ago

Hi,

In our 8.1.3 scenario, an employee has a primary department but can be delegated in other departments. Every employee has an AD account. Is there an oob way I could control group inheritance so that only the groups from the primary department apply ,but block inheritance of the groups from the affiliated ones? These latter departments, in turn, can be primary ones for other persons so I shouldnt block inheritance at all for their resident employees.

Thanks!

Parents Reply
  • 0 over 2 years ago in reply to CVU

    Another idea (if the number of dyn roles would be "too large" ) would be to have the tree twice in the system. First with the rights which should be the inherited ones and a second with the non inheritance. Now only make the non inheritance tree delegable and take care (e.g. via a synch project) that the main employees get into both trees.

Children
  • 0 over 2 years ago in reply to Thorsten Kronenburg

    Thanks, Thorsten... I'll take that into account. Keeping two organizational tree would need also checking the web portals, so only the right "branches" would be offered to the final user (local admins). But the idea could help me out with some other tasks I need to cover , nonetheless. Thanks a lot!

    I think we need to dig deeper into what triggers the inheritance and control how it acts.

    Thanks again for your ideas. Have a nice weekend!