Hi, I am trying, without success to find out if it is possible to have 2 users in the same role (or cloned role) and each will be able to fully manage the users of his own department only without any way of seeing any kind of detail about the other technician in the other department and anything of the other departments users and profile?
Clarifying:
Department A - has technician A - which has full discretion in managing the devices - like a full admin for the department. (no ldap - they have their own systems). Tech A should be able to enroll devices, add/remove users directly within department A, edit/add profiles, update patches…
Tech A should not see anything related to department B, no user names, no devices, no groups NADA.
Department B - has technician B - which has full discretion in managing the devices - like a full admin for the department. (no ldap - they have their own systems).
Tech B should be able to enroll devices, add/remove users directly within department B, edit/add profiles, update patches…
Tech B should not see anything related to department A, no user names, no devices, no groups NADA.
How do I create roles/permissions/groups as to make it happen or is it not possible with the current ITSM?
Thanks.