Currently, admin.[APP_NAME] users can modify system settings (i.e. indexing the nodes, LDAP settings) which seems like it has access to everything that [email protected] has access to. This seems highly risky as a mistake on one application can impact other applications.
Is there anyway to limit the admin.[APP_NAME] users ability to modify system settings so that only the [email protected] user can but the admin.[APP_NAME] user is still able to modify [APP_NAME] properties such as workbaskets and work groups?
***Edited by Moderator Marissa to update SR Details***
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.
The SR was marked closed with the below explanation:
User should define/create RARO (Access of Role to Object - under security in records ) on Data-Admin-AuthService and add necessary grant permissions, similarly access to Data-Admin-Operator-Id class should also be defined either by grant level permission values or priviliges or Rule Access Deny.