[rt-users] assign zero global "Privileged User" rights?
Duncan Shannon
dshannon at techfluent.com
Fri Dec 16 11:57:45 EST 2005
Im trying to get the perms sorted out correctly to these levels:
1) Staff (internal users)
2) Clients (our primary contacts for our clients who want to use RT to
open/resolve etc Helpdesk tickets)
3) Client End users (who will ask for help only)
So far, the best route seems to:
1) Create a queue ClientX
2) Create a Group ClientXStaff, add staff who work at said client to
this group. It has expected permissions (Create, edit, delete, update,
own, modify etc)
3) Create a Group ClientXClientAccess. Add priv. accounts for our
clients, give them, OwnTicket, ViewTicket, EditTicket (not ViewComment
etc)
4) remove all global Privileged User rights except those that are
acceptable for all clients to have (OwnTicket [maybe], ViewTicket,
EditTicket perhaps...
My question is this:
Is there any harm in not having any System level privileges if you
instead define them for each queue/group?
Thanks
duncan
More information about the rt-users
mailing list