FAQ on Custom Role

FAQ on Custom Roles

  1. What is the Created permission and what does it allow users to do?
    The Created permission is a specific type of access control that permits users to perform actions such as View, Write, or Delete solely on the modules, like dashboard, that they have created. The users can manage their resources without impacting those created by others.
    For example, in a marketing team, each member creates their own dashboards for tracking campaign metrics. With the Created permission, a team member can View, Write, and Delete only the dashboards they have created without altering dashboards created by other team members.

  2. How can I create a custom role that does not have access to any monitors?
    To create a custom role without granting any access to monitors, check the No Access box next to the Monitor Configurations field. This will automatically apply No Access to all monitors. This action prevents the users with this custom role from accessing any monitor.
    For example, in a monitoring organization, a team creates a custom role to manage user accounts. To avoid unintentional changes or exposure to monitor data, the administrator creates a custom role with No Access for Monitor Configurations, preventing them from accessing performance monitors.


  3. What happens if a custom role assigned within the conditional assignment in Zoho Directory is deleted?
    In Zoho Directory, if a custom role is assigned within the conditional assignment and that role is subsequently deleted, the user or administrator will not receive an error message. The system will continue to function without indicating the deletion of the custom role. In this case, you have to re-schedule the conditional assignment.
    For example, consider an organization using Zoho Directory to manage roles like Marketing Specialist. If this role is deleted, users might lose key permissions, which may disrupt workflows. To prevent this, the organization must reassign affected users to an existing role, such as Marketing Associate, to restore their access.
  4. What security risks can arise from granting Write or Delete access in a Custom role?
    Only Super Admins can create a Custom role. A Custom role user with full access to User Management can gain access to all resources or perform sensitive actions by adding dummy users. This permission should be given only to trusted users.
    For example, by creating a dummy user with elevated permissions, such as Write and Delete access, they can gain access to all resources and perform sensitive actions previously unavailable to them. It is crucial to monitor and control who can create or modify roles to prevent unauthorized access and ensure compliance with security protocols.
  5. Can Super Admins customize menus for all custom users?
    Yes, Super Admins can customize menus for each user assigned a Custom Role. To restrict access for a specific user, create a Monitor Group that excludes monitors from the restricted modules and associate this group with the user. 
  1. What is custom role?
  2. Custom roles for MSP
  3. Custom roles for Business Units