I learned that in order for UserA to have permission to use cf set-org-role UserB, UserA must be a UAA admin.
We are not integrated with AD yet (we are still behind some versions in CF due to some customization). The challenge I face is, my operation team needs to use their own account to manage users (add/remove org role and space role).
So in this case, should I create the user of each member in the operation team in UAA as admin using uaac? I believe both UAA and CF users use the same UAA user table.
