Reorganization of Tenant Admin and Workspace Admin Roles, Responsibilities, and Functionality
Hi Community,
I wanted to share a scenario that may be a common issue for perhaps 1 too many customers.
Let's say in your situation, you had 1 workspace administrator as the sole administrator in a given workspace. When they left the company, no one else had access to the data and that workspace.
We can understand why this can be a frustrating issue and why it highlights an area of opportunity for our Workspace administration.
My idea is to create 1 additional role which is the Tenant Admin role at the "Workspace Administration" level, so that there would be a total of 3 roles that you can be assigned: User, Workspace Admin, and a new Tenant Admin role.
-In this way the Tenant Administrator would be a permanent member in every workspace, under their tenant, and has the same powers as a Workspace Admin, except they cannot be removed from a workspace. *This would be contingent upon or synced over from confirming the Tenant Admin role has been assigned for that particular user.
Related to this is the responsibility of user deletion and disablement. If the above idea at the Workspace level is implemented, the Tenant Admin should be able to delete or disable users from their Tenant in all workspaces that belong to the tenant.
-Workspace Admins should only be able to delete users from their workspace(s). This would split up the responsibility in a distinct and clearly defined way.
-Additionally, a field such as "disabled by" could give the Tenant Admin visibility into who disabled a particular user.
-A field such as "modified by" could give Tenant Admin visibility into who adjusted a user's Role.
Lastly, there could be an element added as a layer of protection to prevent workspace administrators to be given "No Access" to a model in their workspace.
-This would force administrators to make a clear cut decision as to a role assigned to a particular individual- they either are a workspace administrator with "Full Access" in all models in the workspace or an end user with selective access, "No Access" or "Full Access" in the specific models.
Thank you for your time and reading this idea.
Categories
- All Categories
- 2.3K Anaplan Community
- Academy
- Anaplan Talent Builder
- Model Design Course
- The Anaplan Way
- Archive
- 2 Idea exchange
- 62 Enterprise Scale
- 1.1K Extensibility
- 21 Intelligence
- 1.6K Planning & Modeling
- 331 Security
- Community Connections
- Connections
- Experiences
- Groups
- Personas
- Employees
- CS Toolkit
- Customer Care Center
- Forums
- Academy & Training
- Community Feedback & Updates
- Japan
- Anaplan Community Japan
- Anaplan Community Japan Knowledge Base
- HyperCare Japan
- JP-Central
- Support-Japanese
- Partners
- Partner Leadership Council
- Partner Product Council
- 724 Platform
- Anapedia
- App Hub
- Centers Of Excellence
- Extensions
- Planual
- Platform Updates
- 724 User Experience
- Profile Builder
- Resources
- Anaplan Advocates
- Anaplan Live!
- Community
- Community Advancement
- Community Connections
- Partner Program
- The Official Master Anaplanner Program
- Videos
- Welcome to the Anaplan Community!
- Success Central
- Support
- Case Portal Link
- Common Support Questions
- HyperCare Redirect
- Known Issues and Workarounds
- Support test page
- SupportFAQ
- Survey
- 2 Training Day Takeaways