Having established roles and workflows in Sitecore makes for good governance and ensures your authoring team is supporting your content strategy. While this seems like an organizational no-brainer for larger content teams, you may wonder if smaller teams need the same level of oversight. Don’t all these formal rules and processes just get in the way and make maintaining a site way more onerous than it needs to be? Why not just make everyone an admin?
In this post, we’ll go over why assigning a Sitecore Admin role to everyone on your team is a bad idea and provide a few instances when an Admin role should be used responsibly.
The Most Dangerous Checkbox
In the depths of the Sitecore User Manager lies the most dangerous checkbox to your organization’s website… the Administrator checkbox! This simple field should not be checked lightly for it can bestow even the lowliest of site users with the godlike ability to not only work with content outside of workflow, but to gain access to the more sensitive areas of your website. When used irresponsibly, an Admin account can glide through your Sitecore instance with the destructive grace of a bull in a china shop.
Initially, an Admin account can ignore any locks other Authors/Editors have put in place as part of your content workflow. This allows an Admin to edit, save and even publish changes to your live site, unaware that the page they just edited wasn’t complete because it didn’t go through a required legal review before it was published. Ignoring the locks set when content is checked-out can also cause versioning issues when an Admin and an Author attempt to work on the same piece of content simultaneously because the last saved version always “wins”.
More issues can arise because a Sitecore Admin account won’t create locked items in a draft state, or automatically trigger the creation of new versions of content they’re editing. This means that any changes they make will overwrite the current version of that content, robbing you of the ability to roll it back to its original state before they touched it. This also includes any incremental changes they may have made and saved along the way.
Content and workflow issues aside, the more terrifying issues can occur when an inexperienced user with Admin rights “accidentally” stumbles into areas that require more Sitecore knowledge than they have, and they quickly find themselves in over their head. They could do damage messing with something like the Presentation Details for a page because “it sounded like the thing I needed to get to was in there so I went in and clicked some things”, and there are some kinds of Sitecore changes that once done can’t easily be rolled back from.
With Great Power, Comes Great Responsibility
There are a few instances where a trusted member (or members) of the Authoring team with access to a “shared” Sitecore Admin account, one that exists separate from their regular account, can come in handy. For example, if Bob goes on vacation and forgets to check-in all the content he was working on, the same content that needs to be reviewed and published before he gets back from vacation, an Admin account can be used to check-in his content and move it through workflow without having to call him to do it.
There may also come a time when you are unable to insert a special marketing landing page with no navigation under a specific page in the content tree, but the Insert Options available to you as an author won’t allow it. An Admin account will let you bend the rules with permission just this one time (right?) so you can get it done.
One other time “Everyone’s an admin” might not work against you is during the initial stages of a large-scale content migration/entry effort where the reward of your authoring team being able to work outside of workflow outweigh the risks. Care should be taken to keep things organized so your trained team is not stepping on each other’s work and focused on the task(s) at hand, with nobody straying off into dangerous areas of the site.
When used responsibly by a well-trained user, a Sitecore Admin account can be a powerful tool to aid in the governance of your site and further your organization’s content strategy goals. Do you have any epic anecdotes of heroism or cautionary tales of horror about the use or abuse of an Admin accounts? Share them in the comments below.
