I've been getting requests that temporary/seasonal staff be allowed restricted access to our wiki. In theory, I don't oppose this.
These temporary staff members number into the several hundred and are hired independently and sporadically throughout the year by our 14+ sites around the country.
WHAT I'M LOOKING FOR
The staff members at each site know who should have access and to which space the new user needs access.
Is there any way to delegate permission to site staff to add users to a specific group in Confluence? I certainly don't want to add 14 Confluence Administrators, since that's just too much risk and way more permission than they need.
I've considered adding a new LDAP directory to handle just those users.
There are a couple of ways you could skin this cat.
LDAP - As you said. Have your LDAP repository contain some AD groups. Those AD groups would correspond to specific "functions" and would be pre-build into the sites. Membership in those groups would get you "access." If there is a org that is staffed enough and already has access to add/remove folks from those AD groups, that would be a good way to go. Existance in this AD group would get you access. You'll need to create a User Directory that matchings what you want...maybe multiple.
Internal to Confluence -
Create a group and add trusted folks to that group. They will have to be given the "Confluence Administrator" permissions through the "Global Permissions." There are plugins that give you an admin level view so you can review what has been happening.
Just my thoughts.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG