Jan G Posted August 27, 2018 Share Posted August 27, 2018 I would like to have a feature where each user of passwordstate is able to request the membership of any security group. For this each group needs to have a group admin (or more then one) that is able to maintain the members (adding, deleting) and also is able to answers the requests. This would ease the permissions topic a lot for us. I am imagine something like a new option at the "Tools" menu (or somewhere else) like "Teams". There you could for example maintain your groups or request a new one. To complete this feature it should be possible to request access to lists for a whole group (team). Thanks in advance. Jan Link to comment Share on other sites More sharing options...
support Posted August 27, 2018 Share Posted August 27, 2018 Hi Jan, Thanks for your request. And to confirm, we're assuming you are only using Local Security Groups in Passwordstate, and not any Active Directory security groups. It seems like you need some sort of workflow approval for Security Group Memberships. And we would expect you would need some type of full reporting on what the Security Groups have access to, so you know what sort of access you're giving out if you approve the membership. Also, would your users know what Security Groups to request access to - we presume they also don't know what permissions have been applied throughout the system using the Security Group they are requesting access to? Regards Click Studios Link to comment Share on other sites More sharing options...
Jan G Posted August 27, 2018 Author Share Posted August 27, 2018 Hi, correct, we are using only Local Security Groups. Yes it would be nice if there will be an overview with permissions has been approved to the group. in general, the users have no idea what permissions are set to wich group. But it is more the team wich is interisting or a discription. for example, we have 5 default lists for each service application passwords (e.g. passwords required to start or log in into applications) database passwords (e.g. all passwords that belongs to databases) administrative passwords (e.g. passwords with local administrator permissions like Administrator or root) service account passwords (e.g. all accounts which are not related to a real person) hardware passwords (e.g. BIOS passwords) there it would be nice if the team lead of the database team could manage the permissions for the security group "database" which is added to all database passwords lists. sure this could be done by the passwordstate administrator, but its much more effort and not very effective. and, much more interesting - if i would add someone to the group, there is missing the approval process. was i am able to explain a bit what the "problem" is? Link to comment Share on other sites More sharing options...
support Posted August 27, 2018 Share Posted August 27, 2018 Thanks Jan - that makes sense. Regards Click Studios Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.