Re: Administrative Access

[Pierson, Shawn]

Title: Message

** I've never heard of a company giving admin rights to someone who is not a developer or administrator.  This is a really bad idea for many obvious reasons.  What is usually done is that the user is given Application Administration access.  If it's a home grown app basically just create another group to allow people to submit data to the configuration forms that normal users can't.   Also keep in mind that if there is a business need for that user to have admin rights, your job is to make that need go away.  I would guess that they wanted to update some menus or something like that and couldn't because you might have character menus instead of search menus driven off of a form.  Be sure to make your application robust enough and data-driven so that there is no business reason for end-users to have admin rights.   If all else fails, request that your management bring this person into the I.T. team working under your manager, and make sure they get the proper training.  It's frustrating to work on a system with someone who is inexperienced and untrained making changes that sabotage your work.  Be sure to express the problems occurring to your management and explain why it is not secure to have users logging in as admins. -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Koyb P. Liabt Sent: Wednesday, September 06, 2006 7:14 AM To: arslist@ARSLIST.ORG Subject: Re: Administrative Access ** Similar thought -   How is admin access given in most organizations?  Who makes this decision? What is the experience for other listers? How would you handle it if you were responsible for the Remedy application, and some un-trained user is given Admin rights by management.   In my case, I am frustrated because I have an end-user (who is not a Remedy developer) making changes straight on production, and not taking the code thru development to testing, as I requested.  And management has given a end-user admin rights to do this.          __20060125_______________________This posting was submitted with HTML in it___ The information in this e-mail, and any files transmitted with it, is intended for the exclusive use of the recipient(s) to which it is addressed and may contain confidential, proprietary or privileged information. If you are not an intended recipient, you have received this transmission in error and any use, review, dissemination, distribution, printing or copying of this information is strictly prohibited. If you have received this e-mail in error, please notify the sender immediately of the erroneous transmission by reply e-mail, immediately delete this e-mail and all electronic copies of it from your system and destroy any hard copies of it that you may have made. Thank you. __20060125_______________________This posting was submitted with HTML in it___