Restricted user access

[ChrisRW]

So, I can restrict users on WHAT they can do - I cannot for the life of me figure out how to restrict users access on WHO they can to it to. For instance, I have 3 departments in my call center and I want to grant all of the managers access to changing agent skills (I don't really - that would be crazy town, but just as an example) I want managers of dept 1 to be able to change ONLY department 1 agents' skills and not see or be able to change Department 2's agent skills. How do I enact restricted access for managers such that they can only see their own department? Any assistance is much appreciated.

[cavagnaro]

Create access groups and apply policies to them.
Do some tests before propagating all permissions

[Steve]

I assume that the agents are in sub folders for each department (or agent groups based on a site skill) so as Cav says create 3 access groups DEPT1_MANAGERS, DEPT2_MANAGERS and DEPT2_MANAGERS.

Then you can grant read permissions to all 3 on Resources and Persons without propagation, and then read propagated to the relevant folder for each site. You will have to ensure that the users are not picking up permissions on the folders from somewhere else like the Administrators group.

[ChrisRW]

Thank you both. I think I'm just about ready to get this finished.