Q&A: Is there more flexibility for delegation of user rights management

Question

Is there more flexibility for delegation of user rights management?
Helpdesk admins should be able to do that or that without becoming complete Domain Admin.

Answer

In the current versions of UCS only ship with LDAP-ACLs for a basic Active Directory style role model, but as requests for more flexibility often reach us, it is planned to offer additional roles to support more granular delegation of users rights management to give more flexibility for Administrators right out of the box. Currently this needs to be done by extending ACLs in OpenLDAP, which are quite complex and require a certain level of experience and thorough testing to avoid performance regressions.

Until this is done, perhaps this helps you: