Nas
(Artem Fedai)
January 12, 2016, 10:10pm
1
Hi @filippo_carletti @giacomo @stephdl is there any way to specify second Admin user for accessing to ServerManager?
Do you need a different username with the same permissions as root ?
I’d say admin .
Otherwise, user-delegated panel.
Nas
(Artem Fedai)
January 12, 2016, 10:39pm
3
@filippo_carletti exactly same permission as root or admin
I hope @davidep has a trick for you.
Nas
(Artem Fedai)
January 12, 2016, 10:52pm
5
ok it will be great for all community
stephdl
(Stéphane de Labrusse)
January 13, 2016, 6:40am
6
try this @Nas Nethserver-delegation needs testers
the only known limitation is that the dashboard is not visible for a user which is not root, but every panels can be delegated.
2 Likes
stephdl
(Stéphane de Labrusse)
January 13, 2016, 6:52am
7
I just realised that a user cannot be granted to the sudo access by the WEBUI, that would be good.
davidep
(Davide Principi)
January 13, 2016, 7:57am
8
Hi @nas ,
I think this is not documented Create a group named administrators
: its members will have the same permissions of admin and root from the server manager.
here’s the trick:
,
{
"Id": 1327570200,
"Effect": "ALLOW",
"Subject": ".groups HAS administrators",
"Action": "READ OR WRITE",
"Resource": "Nethgui\\System\\EsmithDatabase:*",
"Description":
"Administrators are allowed to read and modify any database"
}
,
{
"Id": 1328027438,
"Effect": "ALLOW",
"Subject": ".groups HAS administrators",
"Action": "QUERY OR MUTATE OR INSTANTIATE",
"Resource": "NethServer\\Module\\*",
"Description":
"Administrators are allowed to read and modify any module"
A similar effect for managers
:
,
{
"Id": 1328027438,
"Effect": "ALLOW",
"Subject": ".groups HAS administrators",
"Action": "QUERY OR MUTATE OR INSTANTIATE",
"Resource": "NethServer\\Module\\*",
"Description":
"Administrators are allowed to read and modify any module"
}
,
{
"Id": 1328028218,
"Effect": "ALLOW",
"Subject": ".groups HAS managers",
"Action": ["QUERY OR MUTATE OR INSTANTIATE", "WRITE"],
"Resource": [".category IS Management", "Nethgui\\System\\EsmithDatabase:accounts"],
"Description":
"Managers can access modules in Management category and write accounts database"
5 Likes
Nas
(Artem Fedai)
January 13, 2016, 8:27am
9
Hi @davidep it should be documented
3 Likes
davidep
(Davide Principi)
January 14, 2016, 9:08am
11
2 Likes