Pega 7.3 - admin.[APP_NAME] can modify system settings
Hi,
Currently, admin.[APP_NAME] users can modify system settings (i.e. indexing the nodes, LDAP settings) which seems like it has access to everything that [email protected] has access to. This seems highly risky as a mistake on one application can impact other applications.
Is there anyway to limit the admin.[APP_NAME] users ability to modify system settings so that only the [email protected] user can but the admin.[APP_NAME] user is still able to modify [APP_NAME] properties such as workbaskets and work groups?
Thanks,
Elliot
***Edited by Moderator Marissa to update SR Details***
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.
Accepted Solution
Pegasystems Inc.
IN
Hello,
The SR was marked closed with the below explanation:
User should define/create RARO (Access of Role to Object - under security in records ) on Data-Admin-AuthService and add necessary grant permissions, similarly access to Data-Admin-Operator-Id class should also be defined either by grant level permission values or priviliges or Rule Access Deny.
Thanks!
Macquarie Group
AU
Hi Santanu,
The default I believe is "PegaRULES:SecurityAdministrator" which is applied to the automatically created user in Designer Studio. This in turn gives it access to SysAdm4.
Is there another role that I can automatically associate with newly created users as part of the application creation process that doesn't give them full access to the designer studio?
Thanks,
Elliot
Accepted Solution
Pegasystems Inc.
IN
Hello,
The SR was marked closed with the below explanation:
User should define/create RARO (Access of Role to Object - under security in records ) on Data-Admin-AuthService and add necessary grant permissions, similarly access to Data-Admin-Operator-Id class should also be defined either by grant level permission values or priviliges or Rule Access Deny.
Thanks!