When assigning a user roles, specifically from a directory lookup, an admin may not have any control over which roles/groups are added and in which order. A question came up regarding this recently and I'm hoping someone has an idea on how this functionality is resolved in Dynatrace.
If a user is assigned permissions from a role A and role B, and these defined roles have conflicting permissions - i.e., role A is read/write access to a profile, while role B is simply read - is there a precedence in which these conflicts are resolved? I have heard this was based on which permission was 'found' first by Dynatrace and that it is not an 'add' system.
Any insight into how Dynatrace manages conflicts such as these would be very helpful. Thanks.
Solved! Go to Solution.
Roles in Dynatrace are additive - that is, a user gets permissions allowed in any role to which the user belongs.
role A has the permission to analyze visits (but no permission to analyze method calls)
role B has the permission to analyze method calls (but no permission to analyze visits)
a user with both roles has the permission to analyze visits and to analyze method calls.