Target based access privileges SAML switches

Tim_Patrick_ADS
Here to help

Target based access privileges SAML switches

We have 90 locations, each is its own network with an MX, MS’s and MR’s. We have a team that is half desktop support and half network support. I want to be able to give them the ability to move VLAN ports on the switches but not the ability to alter the configuration of the MX.

 

I attempted to do this with SAML and target based access privileges using the TAGS but it appears the TAGS only work at the network level not the device level.

 

Is there a way to give this team access to only the switch configuration and not the entire sites network?

2 Replies 2
rwiesmann
A model citizen

did you check this?

it explains how to create the permissions on a switchport level...

https://documentation.meraki.com/zGeneral_Administration/Managing_Dashboard_Access/Managing_Dashboar...

 

 

Tim_Patrick_ADS
Here to help

We did this is an option but it's likely an option of last resort as with 90 networks it will become an administrative overhead and it does not appear to roll up into the SAML roles so it would mean compounding the identity island issue.

Get notified when there are additional replies to this discussion.