We are a large company with many sites. Currently, in Zammad, admin.user cannot be delegated without the user being able to appoint themselves or others as admins. As a result, the entire user management process is handled by just a few people. A separate permission for user management without role/admin rights would be very helpful. Is something like this planned?
1 Like
Agents can ‚manage‘ non agents already. The question is what the actual problem / task is. Please use the template you removed.
okay maybe its not clear:
We need the admin.user role to assign roles to users/agents. However, once a user (agent) has the role admin.user, they can change their own role, grant themselves full admin privileges, and also remove admin rights from others.
Due to our multiple time zones and locations, managing users centrally is becoming increasingly challenging…
does anyone have a workaround for this? it doesnt seem like it is planned in the future
Yes but WHY.
What do your agents have to do that wouldn‘t be possible with that permission?!
The core issue is scalability and availability.
Because we operate across multiple locations and time zones, central user and role management by only 2 global admins does not scale. We need to delegate role assignments to local administrators, but without allowing privilege escalation or admin takeovers. Agents managing non‑agents does not solve this, because we need to manage agents and roles, not customers.