Who can assign existing permission sets when creating or editing user accounts?

Global Administrators have the highest level of privileges in a system, enabling them to manage all aspects of user accounts, including the assignment of permission sets. This role is crucial for ensuring that user permissions align with organizational policies and security requirements.

Global Administrators typically oversee the entire user base and have the authority to create, edit, and modify user accounts. This includes enabling or restricting access to various system functionalities based on the defined permission sets. Because of this comprehensive responsibility, they can assign existing permission sets effectively, allowing for proper access control management.

In contrast, other roles such as Local Administrators, Network Administrators, and User Account Managers may have limited capabilities. Local Administrators may manage accounts within a specific scope but usually do not have the overarching authority required to assign permission sets. Network Administrators focus on network infrastructure rather than user account permissions, while User Account Managers may deal with account creation and basic management but typically lack the privileges to assign permission sets across the entire system.

Understanding the hierarchical nature of administrator roles clarifies why only Global Administrators are designated to assign permission sets when managing user accounts.