Account Roles based on Active Directory / LDAP groups

Idea created by Nicolas Cronis on Nov 26, 2018
    Open for Voting
    Score5
    • Tracey Guyers
    • Javier Fernandez Cacho
    • Marek Mendrecki
    • Nicolas Cronis
    • Melissa Bray

    At the moment Account Roles need to be added manually. If staff leave or change position the IT department need to manually go and add/remove people from the Admins section in settings.

     

    I propose for those schools that are using ldap/ADFS for authentication that we have the ability to map active directory groups to these account roles.

     

    Since we have Identity Management in place that automatically adds/removes users from AD groups. If we could map an AD group to the Account roles it would ensure that these are always up to date with the people required to have those elevated permissions.