We are currently evaluating the implementation of Zammad in our IT-Helpdesk environment. Our major customers have up to 120 employees and every one of them should be able to create Tickets. Therefore everyone needs an account. We are unable to manage all of them manual. (Team of 4) Therefore we’d like to know, if it is possible to create key management accounts to externalize this task to customer-side. These accounts should be able to manage users from their own company, so we don’t have to initially create and manage every user. But these must not be able to view users of other company’s (due to GDPR regulations)
Alternatively Users should be synced (incl. password) from the customers Active Directory - this would reduce user management to AD side (like Azure Connect - to sync Users between “on premise AD” and Office 365)
Actual behavior:
Situation unclear.
It looks like, there is just one global user management list, where all users are listed to every user with management rights. Permissions granularity is not fine enough to achieve this setting
It also looks, like it is not possible to connect multiple Active Directorys
Please also note that you should never provide customers agent like access permissions!
Zammad does not provide a per group or per organization user database. The user database is global which means that as soon as you’re allowed to manage users, you potentially can see them all. I’m sure you don’t want that.
You could workaround above situation with a lot of custom API scripts, but right now I’m sure it’s not worth this effort. Especially if your team is rather “small” in comparision to your user base you’re supporting.