I have a customer that is looking to give normal users access to view and request access to Security groups thru MIM so I whipped this up!
Under Management Policy Rules search for Security to minimize your scope
Enable the following rules by disabling “Policy Is Disabled”
Security group management: Users can read selected attributes of group resources
Security group management: Users can add or remove any member of groups subject to owner approval
When you’re done these rules should reflect “No” in the Disabled column!!!!
Then change the Requestors on these following rules from Security Group Users to All Users and Groups
Security group management: Users can add or remove any member of groups subject to owner approval
Security group management: Users can read selected attributes of group resources
Next, under Administration go to Search Scope
Edit the following item and add the Usage keyword
Do the same thing in Administration under Navigation Bar Resource
Edit the following item and add the Usage keyword
Whenever you make UI changes, you need to perform an IISRESET on the Portal server
Now log in as your user and you should see the Security group section the same way an Administrator should see it.