In this example, the Role Administrators needs to be able to edit and delete all the Users in the Group Slough.
- Select the Item (i.e., User, Role or Group) to which you want to control access (in this example, Group Slough), right-click and select Control Access to this Group.
- Click Add and Remove Members and then select the User, Group or Role to which you want to give access to the Group Slough. In this example, select the Role Administrators. Click Add Member >> so the Role Administrators is displayed in the list Contains the following. Click Confirm.
- Select the Role Administrators and select Allow or Deny for each Operation.
- Item – The selected User, Role or Group to which access control is being configured (Group Slough in the above example).
- Name – The name of the User, Role or Group which is being given access to the Group
Slough (Role Administrators in the above example).
- Read – Allows the Role Administrators read access to the Properties of the Item.
Cannot be set to Deny if Update is set to Allow.
- Update – Allows the Role Administrators to update the Description, Forename, Middle name(s), Surname, Email address, Hidden and Disabled settings of the Users in the Group Slough, unless specifically Denied by the following Access Control settings. Cannot be set to Deny if Delete, Change password, or Set access control is set to Allow.
- Delete – Allows the Role Administrators to delete the Users belonging to the Group Slough.
- Change password – Allows the Role Administrators to change the password of the Users belonging to the Group Slough.
- Set access control – Allows the Role Administrators to set the access controls (configure ACLs) for the Users belonging to the Group Slough.
Note: Be careful when removing a Group/Role/User’s ability to Set access control to an Item not to remove your own privileges as you will then be unable to change them back.
- Click on the Save and Close button to save the ACL changes to the Item or Cancel to exit without changing the ACL of the Item.
- Make sure the Role Administrators has Permissions set to Allow them to Manage Users & Groups. See Table 150, “Terminology: Role Permissions”