in our firm we are having a model of managing user access using AD groups.
adgroup_ro -read only.
the admin however has full control of the project we have seen misusing of permissions by adding individual users(this is linked to AD) to the repositories or project itself without notifying compliance department. even though these actions are logged, it is hard to monitor if other users are doing this kind of addition/deletion without compliance's knowledge.
so my question, is there a way to restrict project admins from editing the project permissions and repository permissions. but allowing only branch permissions and creating of repositories.
or is there a way to get notification everytime a user or AD group to added to any of the project. something like setting up automated email a new AD group is added or removed a email notification to be sent to system admins, so that we know to inform the users hwo did this.
Kindly let me know your answers.
If you grant someone project admins permissions they'll be able to edit project and repository permissions, as you can see in the chart at Using project permissions. It's not possible to modify that. There's already a Feture request for that at BSERV-8765.
Regarding notifications, this is not a built-in feature but you can submit a feature request at jira.atlassian.com. I tried searching for a plugin in the Marketplace but so far didn't find one, you might want to create a custom one.
Hope this helps!
Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs