We have a scenario where our MWS is connected to LDAP. We have certain MWS system administrators as well.
We often get requirements where the Operations team (we have a role created for Operations team and added certain users) need to add a new member to existing role in MWS.
However, the operation team do not have access to edit roles.
Now, if we give access to the operations team to edit roles, then they can actually add themselves as Administrator or edit any Administrator based roles.
Is there a way where we can grant them access to edit only specific roles and not all roles.?