We are looking for a solution in order to give a particular role (super user) access to the Organization module just for adding / removing users from groups. We, admins, don't want people from the support team to be able to add or remove group from the organization structure.
Is it possible with the OoTB solution or do we have to do some customization?
You have couple of options COTS at hand
1) Group Administrators (GA)- You can mark a group member as GA. GAs can add or remove users from the group. They can also manage group preferences
2) Authorization: You can authorize a Role in Group (RIG) to have complete access to Organization. So all members with that RIG will have full admin privileges to Organization
In our implementation, we have a web portal where users request for access. We use make_user utility to manage all organization related changes.
Thanks for your feedback.
We looked at the GA, but it doesn't answer our needs. GA can set DBA permission on the group. Same for the RIG because we don't want support users to have fill access to the Organization module.
We might develop our own tool then...
thanks a lot anyway!