Is there any way to restrict admin permissions in a granular way? For instance, one group of users should be able to add users and create new projects but cannot install / update plugins. I have tried separating 'System Administrators' and 'Administrators' but the Administrator role still has too much power.
Nope. System Admins, Jira Admins, <huge gap>, Project Admins, Ordinary users. That's your lot.
See https://jira.atlassian.com/browse/JRA-3156 for the main request to divide up permissions better. Vote, watch, suggest and hassle Atlassain!
OK - This is what I have uncovered by searching online.
My fix for this issue was to edit the default project roles for all new projects to exclude Jira-Users (group everyone gets) and to only include the common groups who always need access (Business users, IT Users, Development folks, etc.). For additional users who need access (ad-hoc) they are added manually to the project under User Role.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.