Adaxes

Different tasks for department heads

0 votes

Hi all,

I'm trying to work out how to configure different tasks for different users. Basically, what we want to achieve is for team leaders or department heads to be able to manage their own users and groups etc, and for HR to be able to create new users but be limited to where they can be created etc.

1. I have created a new interface type called TeamLeader, and on the home page I want it to display the Actions assigned to that role, and only the Business Units this role has permissions to. Currently it shows all Business Units and I'm not sure how to change it. Also, when performing an Action (say, Reset Password) I want it to just return a list of users in the Business Unit it has permissions to.

2. When a HR user logs in to the Team Leader site, I want them to be able to create users, but only from a list of pre-defined departments that will perform the various tasks for that department (copy from Template and create in specific OU to department).

I'm sure these are covered somewhere but I can't find any tutorials listed on the site and the documentation isn't really helping me.

Cheers,
Luke.

by (50 points)

1 Answer

0 votes
by (289k points)
selected by
Best answer

Hello,

Active Directory objects that users can/cannot view in the Web Interface do not depend on the type of Web Interface they sign on to. Permissions to view/modify objects are granted by Security Roles. This rule is also spread on objects that can be selected as target objects for Home Page Actions. For information on how to check Security Roles assigned to a user, have a look at the following help article: http://www.adaxes.com/help/?ManageSecur ... forms.html.

Most probably, you are signed in to the Web Interface with the credentials of the default service administrator (specified during Adaxes installation). In this case you can view/modify all objects in the environment as service administrators do not undergo security checks. Other users can view/modify only the objects that they are allowed to by assigned Security Roles.

By default, the Domain User Security Role allows all users to view all objects. You can disable the role and grant users a limited range of permissions. For example, to grant users permissions to view Business Units, have a look at Delegating Rights to Manage Business Unit Members section of the following tutorial: http://www.adaxes.com/tutorials_Delegat ... sUnits.htm.

If you need HR operators to have Home Page Actions different from those available for Team Leaders, they must use different Web Interfaces (e.g. TeamLeader and built-in Help Desk interfaces).

Related questions

0 votes
1 answer
Is copying Entire Action Sets as is to different tasks/commands/rules without forcing an ElseIf possible

I like to reuse action sets I've created in varying rules, tasks and commands. The main issue I am facing is I cannot find a way to make it copy and paste 1:1. It ... the other rule/task/command. Is this not possible or am I just not figuring it out? Thanks

asked 3 days ago by msheppard (470 points)
0 votes
1 answer
Possible to set constraints for parameters in custom tasks?

We're tryingo to create a custom task that would allow us to create a service account and run some logic. These need to start with "svc_". Im able to do this on ... possible? Alternatively, could I use the built in task and add additional fields to the form?

asked Jul 30 by ZoomGhost (280 points)
0 votes
1 answer
Is there a way for Scheduled tasks to NOT automatically run after being enabled?

When I enable a scheduled task, instead of running at the scheduled time they all run imeadiately. This is not good behavior as changes are written in a way to reflect the ... is being enabled. I am hoping there is a powershell command to stop this behavoir.

asked Jul 10, 2023 by mightycabal (1.0k points)
0 votes
1 answer
Add Schedule Tasks for Active Directory Management to Web UI

I would like to add "Configuration > Scheduled Tasks" to the Adaxes Web UI. I canĀ“t find an option to impelement this. Any hints?

asked Feb 9, 2021 by MatthiasP (40 points)
0 votes
1 answer
Property Display Names for different languages

Hi, is it possible to copy Property Display Names from one language to another one? Or do I need to specify them all one by one?

asked Jul 4, 2023 by wintec01 (1.5k points)
3,552 questions
3,242 answers
8,243 comments
547,828 users