Search the Community
Showing results for tags 'permissions'.
Found 3 results
-
Hi, We're a large IT group and we have multiple subsidiaries using a central passwordstate vault. Each subsidiary have it's own set of internal ou customers accounts / password / servers / ... We manage the segmentation on passwords using folders (advanced or standard permissions models) or lists: each team have its own root folder and manage their subfolders and lists inside. So people from team A cannot see passwords from team B unless they've been granted for. However, hosts are not manageable in the same way. No segmentation is possible for adding / deleting / editing hosts. So if someone from Team A add an host, people from Team B can remove this host. Each team needs to be fully autonomous for managing hosts, so we cannont centralize host insertion or edition to a central Team. We could like to have an host segmentation (per folder maybe ?) so if someone create an host in group / folder "A", only people that would have been admin rights grandted on that group can add / edit / remove it. Thanks.
-
Would like to see option to limit users from adding attachments to specific folders. Since it's already a global configuration, would expect not to be big thing to make per folder setting for it too. Either implement a way to prevent users from adding documents to any folders, but continue to allow uploading them to lists and password items. Or provide a way to disable uploading documents just to specific folders. Use case: Admin makes some folder hierarchy/context on where people should be storing their lists. If there's no way to prevent uploading documents, people tend to forget or not read internal guidance and they end up storing personal documents to folders which are shared to also others. We would like to be able to prevent this from happening. -
'Administrator’ right on individual password records, so that account owners could approve access to passwords for accounts they own e.g service/system account password a developer needs access to though API.
