All Password Permission Inheritance from OUs
Currently, when a user creates a password he is assigned All Permissions regardless of what permissions he has on the OU.
So if a user has Read/Add permissions on an OU, he gets All permissions on the passwords he creates under the same OU.
This is a security risk, because an upset user can delete all passwords he created before he leaves !
2
votes
![](https://secure.gravatar.com/avatar/148802ab922099d56ddc2165912be684?size=40&default=https%3A%2F%2Fassets.uvcdn.com%2Fpkg%2Fadmin%2Ficons%2Fuser_70-6bcf9e08938533adb9bac95c3e487cb2a6d4a32f890ca6fdc82e3072e0ea0368.png)