Hello
I'm hitting a wall trying to tune a role for a new team that will do some management for tenants, I looked around and I can only find documentation/example for org rights in a tenant, but that's not what I'm looking for.
that team will be handling support and hand-holding for tenants and will not administer the provider side of our vcloud setup. all the roles I need are tuned to what I want to allow them to do, except managing the ACL for the organization.
they use our idp and connect through the provider portal to do their tasks, using that role : "Administer and traverse into other organizations" and a lot selected roles to limit their scope.
All is fine except the ACL (users and groups) management
the only way I found to make them able to manage users is by allowing "Access Control / User / Manage users and group", which would be fine, but then it gives them access to the provider Acl also
is there a way to allow the org acl editing without allowing editing of provider acl ?
thanks in advance, any comment is apprciated
Christophe