SIR - Lockdown Security Administrator / (sn_si.external) role - Support and Troubleshooting

SIR - Lockdown Security Administrator / (sn_si.external) role Issue System Admins are no longer able to manage groups granted the (sn_si.external) role

Release Tokyo/Utah

Cause Once (sn_si scope ) has scoped admin enabled via suggested lockdown, only users with the scoped admin (sn_si.admin) role will be able to manage the users and groups within the scope.

Resolution Possible Workaround for this issue would be creating a new role in Global Scope. This way Admins can grant this role to external teams — (rather than granting sn_si.external)

In order for this to work, you will need to grant this newly created role the OOB ACL for table. The role is also tied to this My Security Work homepage. If this dashboard is needed, this can be cloned and updated with the newly created role