We have a partner (migrated from Postini), who needs to assign additional admin roles (e.g. for sales and tech support access) and also limit access to a single customer or subset of customer accounts, something that was available with Postini. The client can assign a user as a VAR admin, but really needs to limit which domains the user can access.
Would it be possible to see a feature enhancement to add admin roles by groups and also set up granular policy permissions?
This functionality is already in place. While you cannot specifiy a subset of customer accounts, you can create Customer Administrators on customer accounts.
Available administrative roles are:
KB Article with permission level details: https://support.mcafeesaas.com/MCAFEE/_cs/AnswerDetail.aspx?sSessionID=&inc=39486&caller=~%2fFindAns...
I know that. However, this partner and others want to be able to assign specific account admin to speific customers, e.g. eithe for tech support, billing or both. They had this abiltiy in Postini, they would really like it in McAfee. When you have resellers of 8-10 years having it one way for so long, it's hard to make changes with like parity between the products.
Frank, just to clarify what you're looking for. Are you wanting to be able to specify a VAR-Admin user to also be a Customer Administrator role for specific accounts?
e.g. "bob [at ] reseller.com" is has both VAR Admin rights but also Customer Admin Rights with ABC Co, DEF Corp, etc.?
Or are you referring more to specifying a user as an authorized Support Contact, authorized Billing Contact, etc?Message was edited by: cascadia on 5/6/13 2:13:18 PM MDT
No. Our partner has sales and tech support users assigned to specific customer accounts. With McAfee, they would need to assign them as a VAR Admin and they have access to all accounts, they do not want this. In Postini, they could add a specific admin to each account as they were activated and also set allowed permissions. Albeit not by a group policy. Because of the hierarchy differences between Postini and McAfee, we can solve this problem by a admin group policy in McAfee.
For example, I assign a user as a VAR Amin, within that role, I can A. allow full access or B, assign specific customers. It would also be great to set additional levels of permissions allowed on a customer level. I would be happy for now, to just have group admin policies.
Thank you Frank, much clearer now.
I'll go ahead and submit an enhancement request this evening for the requested changes. Product Management takes all requests into consideration, but not all requests are implemented for many factors.
I'll send you a quick PM to get some additional information.