Jira Service Desk Admins

Stephen O. Haruna March 6, 2020

We recently integrated Jira Service Desk to an existing Jira Software Instance. We noticed the existing Jira admins for Jira software automatically became admins for Jira Service Desk - only existing admins could create projects and other admin functions.

Is there a way to separate this admin functions so one group completely administer Jira Service Desk while the Jira Software admins only manage/administer Jira software?

5 comments

Comment

Log in or Sign up to comment
Ismael Jimoh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
March 7, 2020

Hi @Stephen O. Haruna 

With regards your request, please note that at the bottom, the applications are both based on JIRA Core which means that when a user has admin privilege in one application, they will have admin privilege to do some basic configuration across both applications.

For example, your JIRA Software administrators will still be able to create JIRA Service Desk (SD)projects, however without a JIRA Service Desk license, they will not be able to configure SD specific settings.

If you must separate them, then do the following:

  1. Create a group jira-software-admins
  2. Create another group jira-service-desk-admins
  3. Add the users who need each role to the respective groups.
  4. Go to your Global Permission page and add the groups to the Administer JIRA permission.
  5. Go to the Application Access page and add the groups to the corresponding Applications(don't make them default).
  6. Go back to the impacted administrators and adjust the groups they belong to.

As mentioned again, this does not mean JIRA software admins cannot create service desk projects and vice versa. They just will not be able to perform functionalities that are tied to the specific applications they have access to.

Cheers.

Taranjeet Singh
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 9, 2020

@Stephen O. Haruna I agree with suggestions from @Ismael Jimoh . Did you try them and get your issue resolved?

Stephen O. Haruna March 9, 2020

Thanks for your responses.  Following the suggestions, I was only able to deny JSD admin privileges and both groups still have "some" JSW admin privileges.

See my implementation below:

I created 3 projects: A, B, and C with 3 users.

A - JSD -----> user1 is site owner. Added userb and userc 

B - JSD ---> basic, can access both JSW and JSD, Jira-software-admin group - userb

C - JSW ......> basic, can access both JSD & JSW, Jira-service-desk-admin group - userc

Only userb can administer JSD projects. userc does not have admin rights in JSD. 

However, both users b and c still have admin privileges in JSW.

Also with this implementation, both users do not have certain system admin rights like view users with "administer Jira" permissions or view "Product access" settings. 

My use case involves having only the specific groups administer their products i.e jira-software-admins should be the sole admins for jira software and jira-service-desk admins the same privileges for jira service desk. I might be missing something and i haven't been able to figure this out. 

group.PNGder.PNGpa.PNG

Ismael Jimoh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
March 10, 2020

Hi @Stephen O. Haruna 

Please see my quote here:

As mentioned again, this does not mean JIRA software admins cannot create service desk projects and vice versa. They just will not be able to perform functionalities that are tied to the specific applications they have access to.

An administrator of the application will still be able to administrate other projects(irrespective of type). The problem comes when they want to make changes that impact specific functionalities tied to the application. 

For example, as a JSW admin, you should not be able to configure things like:

  • Request type
  • Customer permissions,
  • Portal settings to name a few.

These functionalities are tied to just the JIRA SD administrators since you do not have a valid license.

Likewise, it will likely be near impossible for a JIRA SD agent to configure a board because this is tied to JSW.

All basic functions are still tied to the JIRA core so if you have the administer JIRA permission, you can perform these. The restrictions only start setting in when you attempt to configure functionalities that are tied to the license you have.

Hope this clarifies things.

Cheers.

Like Stephen O. Haruna likes this
Stephen O. Haruna March 10, 2020

That settles my queries. Thanks for your insights and support.

TAGS
AUG Leaders

Atlassian Community Events