David Langenberg, U Chicago:
One of our offices, the College Programming Office (CPO), has a fairly complex set of web apps and content sites which are managed by a small set of admin users who then need to delegate lower levels of access out to other users on a site-by-site basis.
The levels of access that are involved include, but are not limited to:
Currently all of these sites use LDAP logins for access, but the administrative privileges have to be managed on a site-by-site basis. With an office that includes many FTE’s and also a staff of 6-8 student employees who are changing on a yearly (or more frequent) basis, the management of these user tables can present a significant challenge.
If we were able to map out a specific set of privileges and specify them in one central location, adding, removing, and modifying users as they change, it could definitely save significant staff hours.