This blog contains step by step instructions to
- Setup permission to enable non-admin users to manage users and roles
- Limit the accounts available for edit/update
The WorkControl-Member ship module enable non-system-admin user to perform account administration in the DotNetNuke portal. The capability provides separation of duty between system administrator and account administration. An example is to provide department clerk or HR admin to update user accounts without granting them access to the DotNetNuke administrator permission.
Setup permission to enable non-admin users to manage users and roles
Host or admin users can setup to allow regular users to manage users/roles. Follow to the following steps
- Setup and DotNetNuke role
- Assign user to this role
- Grant the this role with Admin permission in the WorkControl-Membership module permission role.
Figure 1 has a screenshot showing an example role Account Admin with Admin permission. Click on image to zoom in. Notice that the Admin permission is a custom permission in the WorkControl-Membership module.
Figure 1 – Permission assignment to enable non admin accounts to manage users/roles
Limit the roles available for edit/update
Suppose a company has 5 divisions and each division has an HR admin who is responsible to update user accounts in their division. Suppose you have setup a security role for each division and users have been assigned into each division. To limit HR admin to see only user account in their division, follow these steps
- Access the WorkControl-Membership Settings screen
- Go to Role Security Settings section
- Locate the role name and check the the box under the Assign column
Figure 2 is an example of where Division 1 is checked. Only user accounts in Division 1 will be available for edit/update.
- Adding a Security Role
- Adding a User Account