Problem
When you are creating a new custom Admin Role in your Admin Console and you need to know which Privileges can be limited to specific OUs and which cannot.
Environment
- Admin console
Solution
Domain wide privileges, meaning that they cannot be limited to take effect on specific Organizational Units.
- Settings Privileges
- Domain Settings
- Groups
- Reports
- Security - Only allowing access for less secure apps is the only setting that can be limited to specific OUs
- Support
- Services Privileges
- Calendar
- Google Meet Hardware