1 of 1 people found this helpful
Permissions are assigned by the role. if you need to segregate access to servers, then you need separate roles. So here you would have 3 roles – Unix Admins, UK Windows, Ireland Windows.
ok thanks, this is what I thought, its just a shame theres no way to reduce the number of roles in any other way like through the use of a property perhaps.
How could that work?
I have no idea, just a thought.
the issue is the security boundary is the role.
do the windows admins need to be separate? Is it bad if the UK people see the IRE servers ? or have the ability to manage them?
yes, the teams are separate due to separation of responsibility across geographic locations. I see no other way at this stage to separate them other than create multiple roles that can be used to split by country.
Thanks for your help with this !
With two roles, it will be easier to separate rights on Depot and Jobs for the dedicated purpose :-)