Operator access via Enterprise Manager broken after switch from local roles to Radius remote-roles

Hi, We delegate access to serverteams, to enable/disable poolmembers via an Enterprise Manager. The user accounts on the Big-IP's and EM are authenticated via Radius, but the role-definitions were all done locally. Because we are nearing 200+ user accounts, it was time to switch to remote-roles. After the change it wasn't possible anymore to manage pools & poolmembers via the EM. Only when logged in as admin. The EM documentation also indicated that the EM relies on local accounts to check the user privileges. I don't like the idea that we are stuck managing 200+ local accounts on dozens of big-ip's because of an EM limitation. I hope someone knows a workaround to give at least "operator" privileges to all EM users? Note that we can't use technical accounts because of compliance issues (financial institution).

 

With Kind regards, Joeri