If I’m honest, the permissions interface for RT has always confused me. However, now I find I need to do some admin delegation and I’m not sure if it’s even possible.
Basically, I need to allow a group of trusted users to be able to manage the membership of a series of other groups. Those users should not be able to even see groups outside of their delegated set. Is there a way to do it?
For the record, I’m still running version 4.0.10 but I’m planning to upgrade in the next 6 months so I could move that forward if there are features in later versions that are required.
Thanks in advance for your help.
To add a bit more detail, I have set up a group (Access Group) that controls permissions to see Tickets in a particular Queue. I have created a separate group (Administration Group) that contains the Users that I want to be able to control the membership of the Access Group.
I have clicked through:
Tools -> Configuration -> Groups -> Select
and chosen the Access Group.
I have then navigated to the Group Rights tab for the Access Group, added the Group ‘Administration Group’ and then set the ‘AdminGroupMembership’ and ‘AdminGroup’ permissions.
When logged in as a User that is a member of the Administration Group, I expect to be able to add/remove other Users from the Access Group but I don’t seem to be able to do so.
What am I missing, please?
To let a group admin members of another group, You have to go to:
Configuration -> GLobal -> Group Rights and give the admin group “ShowConfigTab”.
Then in Configuration->Groups->YourGroup->GroupRights, give the admin group “SeeGroup” and “AdminGroupMembership”. (AdminGroup is IMHO not needed as it may allow your admin group to rename the other group).